Listen up, superhero:
It’s time to get serious about your plan of attack against hackers.
I’m gonna break it down for you.
- Website security basics. What you should have in place and how to do it.
- My two favorite security powerhouse WordPress plugins. Pick one to install today.
- If your website does get hacked, here’s what you need. You can also use one these as a colossal preventative measure.
One, two, three — go!
Website security basics
- Delete your “admin” user: Why? Because then hackers only have to guess your password to hack into your site (read: you’re making it only half as hard for ’em. Gulp.). Check out this free video tutorial showing you how to delete the admin user in WordPress and how to replace it with a secure alternative. Easy peasy and lemon squ…quickly!
- Use an ultra-secure password for your user account: That is, a password that contains symbols, numbers, capital letters — all that good shiz. Feel free to use this free strong password generator. This goes for all of your accounts, btw (WordPress, hosting, domain, email, you name it).
- Do your WordPress updates monthly: Or more frequently if you can. Don’t get lazy (yeah, I see you skipping your updates to binge-watch Game of Thrones!) And as always, do your updates on a test site — not on your live site — in case doing an update causes your website to get wonky and glitchy (which could mean spending hundreds of bucks to have a developer fix it. Womp womp).
The badass bouncers of the WordPress world
Here are my two favorite security powerhouse WordPress plugins. Pick one to install today.
Wordfence is one of the very best WordPress plugins and I recommend it all the time. Both the free and paid versions are excellent, although I encourage you to invest the very reasonable $39/year for automated regular malware scans and other features. Check out my video tutorial to get you started.
iThemes Security is massive. Available free and for $80+/year.
Caveat: My only issue with it — and one I encourage you to watch out for — is that it used to rewrite my .htaccess file and break my website. It happened many times, once when I had a very shitty and slow internet connection (that sucked, yo). But it’s pretty freakin’ amazing and worth a fair shot.
Additional service — for when shit hits the fan
Sucuri detects, cleans up, and prevents malware (a.k.a. harmful software installed on your site by hackers, that redirects your website visitors to porn sites or other places). You’ll definitely want to buy Sucuri if your site’s been compromised. $99+/year.
Worried your site might be infected? Run it through Sucuri’s free sitecheck.
If you don’t have any security measures going yet, I recommend you get Wordfence or iThemes Security and install it on your website right now. Also be sure to take a few minutes to implement all the security basics listed above (even if you’re new, you can change your username and password in 10 minutes and spare yourself debilitating migraine headaches and Broadway-worthy “why meeeeee?!” breakdowns while crying on your keyboard).
The Be Your Own WordPress Superhero DIY Website Maintenance course covers everything you need to know to give hackers the middle finger.
In the course, you’ll get immediately actionable video tutorials and PDF guides & checklists to keep your website running smoothly, safely, and quickly. If you’re the hands-on type, it may be the exact thing you need to take full control over your website maintenance.
Click here to check out the 3-part freebie series!