Are You Making These WordPress Security Mistakes?

Here at Blueshoon, we love WordPress and we’re not the only ones. Did you know that 24% of websites worldwide are created using WordPress? If you’ve ever built a website, you know there’s a lot of work that goes into it: design, content, navigation, marketing, SEO, and so much more. One of that last, but most important thing people forget about is security. Unfortunately, like any website, WordPress sites are vulnerable to hackers which is why WordPress security is so important. Many users make security mistakes without even realizing it. Here are six steps you can take to make it harder for cyber-criminals to hack your site:

  • Keep WordPress up to date
    WordPress continually strives to address security issues and includes fixes in every new update they release. Keeping your software up to date will dramatically reduce your chances of getting hacked. If you are using an earlier version, hackers are more likely to choose your site to hack. Also, make sure you download the updates from Any other source offering updates may be fraudulent.
  • Do not get plugins or themes from untrusted sources (and update them regularly)
    There are thousands of themes and plugins everywhere and there are also thousands that are embedded with malware. Make sure you do your research before using them and only get them from reputable sources. Also make sure to update them regularly and delete any you don’t use.
  • Change the default “admin” WordPress username
    When you first set up WordPress, your default username is “admin.” However, it is vital that you change it to something unique. Hackers look for the easiest sites to hack and when your username is “admin,” getting past the password is their only barrier. Using a unique username and password puts two strong barriers up and greatly increases your security.
  • Choose a strong password
    This should go without saying, but many people still choose weak passwords for their WordPress site and get hacked every day because of it. When choosing a password, avoid using your name, username, company name, or website name. Make it long, with a mixture of letters, numbers, and punctuation.
  • Make sure your computer and WiFi are secure
    Any malware your computer has can potentially harm your website, so make sure you regularly scan for malware. Also, make sure your network connection is secure by updating your firewalls and making sure the WiFi you’re using is a trusted connection (…so not the WiFi at Starbucks).
  • Run your WordPress site on a trusted web server
    Using a trusted server to host your website is extremely important. If one site on a server gets hacked, there is potential for any site on that server to get hacked despite any security precautions you take. This is why a low population web hosting company that specializes in WordPress security (*cough*, BLUESHOON, *cough*) is a great option. So do some research to see what security measures your host takes.

Being cognizant of WordPress security and taking steps to reduce the likelihood of your site being hacked is vital. If you’re curious about the WordPress security of your website, follow the link below to get a free security report.

Get Your Free WordPress Security Scan Report