Years ago a computer teacher told the class “You will not find a BUB on your keyboard!” Huh?? Blow Up Button – Ohhhhh! I’m not saying wordpress has a blow up button but if you don’t take simple measures – it might as well! WP hacks & crashes have become a concern the past week or more including sites like WooThemes and one of my own valued clients site and I’m sure that is far – far from the end of the list!
I feel it warrants some attention. I recommend a read through 4 Simple Ways to Secure (and Maintain) Your WP Site for some valuable information.
In a nutshell:
1. UPDATE, daily if needed: I know I sound like a broken record, but this is the most basic item on the list and it can literally make or break your site! WP 3.3.2 was just released and it addresses some important security issues – do not ignore it! Additionally, update plugins and themes as will. Remove any plugins or themes you are not using while your at it. WP is in the beta phase of 3.4 as well so look out for this.
2. Secure your computer – keep anti-virus software, and all software for that matter up to date, don’t ignore update messages there’s a reason they are there! Mac users beware! Viruses are gaining popularity. I had malware pop up the other day, it was written for Microsoft, it may not have hurt me but that doesn’t mean I couldn’t pass it along to others that have PC’s.
3. Passwords & Usernames: passwords, make sure they are secure, change them up, don’t use “admin” for your WP username, don’t use the same password everywhere, remove user profiles from your dashboard which no longer require access to your site.
4. Research plug ins & themes before activating them. Research the stability of a WP update before running it. Run a full cpanel update before a WP update. Don’t just install any plugin that you think will be neat to have. Read the details, research popularity, conflicts etc.
5. Hosting: Have a host that offers a standard cpanel and is secure. Run full cpanel back ups periodically and before doing WP updates. WP back up plug ins are good to have in place, but from experience when a full restore of your site is needed, the host needs the full back up. I have yet to find any use of the WP generated back up. IMPORTANT: I didn’t say don’t install/use them, I just said back up various ways. Find a host with 24/7 phone support as well as one recommended by friends and fellow site owners. There is nothing worse then discovering your site is down – having a host on the other side of the world – they only use a ticket system so no one to call – and when you get a response it’s too tell you they don’t have a security department – good luck with that!
All the above has NOTHING to do with how much traffic you get on your site! Too many people say, I don’t get much traffic – or my site isn’t that big. I don’t know why hackers and malware coders do what they do, but I promise they don’t care if you have high traffic or a huge page count. If your site is unsecured it’s fair game!
Trust me giving your WP site a little TLC is WAY better then waking up one morning and your whole site, all your hard work (and the hard work of your site designer) is gone! If you need help getting your site up to date Eco-Office Gals offers one-time or monthly maintenance services. Contact us at anytime.
Thanks for the tip Dave 😉 I think the WP DB backup plug in I use does that (I think) but since my host will do a full restore for me as long as I have the files I find it so much easier to call them and let them handle it so I don’t do any damage. They do it for me free with file, if no back up file is available they will use their weekly master for a small fee. Anyone else have tips or tricks? Please share!
One other recommendation I heard awhile back is to set up a database backup system that sends your DB file to you regularly in case you do have a complete implosion. This way your data is still secure and once the website is functional again, you can restore most if not all of your content.