How to secure your WordPress site
It seems that each new day brings with it a frightening report of hackers stealing sensitive information. That being said, security is imperative to all sites, and one can never truly be too careful. Staying vigilant about security is not a one-time thing. It is a regular part of the responsibility of having a website and while WordPress takes preventative measures, you should too.
Below are tips on how to secure your WordPress site:
1) Have a strong password
This is perhaps the most important component to good security. You might think you are doing yourself a favor by setting up a password that contains a word closely related to you, such as your birthday month, your pet’s name, or your maiden last name, but consider that a lot of the personal information people integrate into their passwords under the auspices that it is “easier to remember” is often the same information that person publishes on their social networking pages.
Consider this: you picked your hometown or place of birth as part of your password or an answer to your security question. A hacker can just browse your Facebook information and gain that information. If you have your social network accounts protected, that is not enough. That same hacker can look up birth records with your name as part of public information and find your home town.
This means that your passwords need to be difficult to remember. That is the point. A good hacker will try all of the things closely related to you. You want something that is not connected to your past, something that is at least 10 characters in length, and something that mixes letters and numbers both capitalized and not.
2) Stay current with updates
New updates for different programs or software are released for a reason. Typically they are released to patch a hole in security, to introduce a new potentially protective feature, or to fix a bug. If you ignore new updates for your personal computer, work computer, or updates for a website, you run the risk of opening, figuratively, the door to a hacker. There is absolutely no excuse not to implement security patch updates for your WordPress site.
3) Protect the Admin Access
You want to disguise your admin username and to make sure that you have a strong password for all administrator access. You can incorporate a special Yubikey for log-ins if you want to go above and beyond. This will require not just a password for admin access but the physically inserted USB based Yubikey.