July 25, 2017

WordPress Security and Maintenance

I have been working with WordPress for over 8 years now and I still love it as a blog and content management system (CMS). When I started working with WordPress, I didn’t have to worry much about people trying to hack my site or find vulnerabilities. That was something that happened to the big guys, not us smaller sites. Well, no more. Now WordPress sites as well as other website platforms are under attack. How does WordPress get attacked? I’ll let Sucuri explain in this very thorough blog post they published a few months ago. Instead I thought I would share with you a few of my favorite tools for maintaining and securing WordPress.

Managed Hosting
This is a change I made recently when launching the new Marketing Roadhouse. My previous hosting company was great, but the onus of security was 100% on my shoulders with regards to WordPress installations. When I was looking for a platform that provided all the functionality I wanted for this site, it was an extra bonus that the hosting was managed meaning the company proactively monitors for malware and attacks. There are several companies out there that specialize in WordPress hosting and I suggest checking them out if you don’t want to manage your own WordPress.

BackupBuddy
If you have ever updated WordPress and/or a plugin and it caused an issue on your website, then you know how important it is to do back-ups. BackupBuddy is an easy to use plugin that allows you to perform database and full backups either manually or scheduled. You also have several options for storing that backup off-site of your website host which I strongly recommend. Do a backup before any upgrades, so that you can revert back to that backup if something goes wrong. BackupBuddy also helps you move your website from one hosting company to another.

iThemes Security Pro
Upon installing iThemes Security Pro, you do a scan of your site. The plugin will provide you a list of things you need to do in order to secure your site as well as the level of importance to perform each one. The plugin does malware scans and can lock users out that try to access files they shouldn’t. I will give credit to this tool for saving one of my sites by alerting me to a high number of people trying access files that didn’t exist. I was able to make some changes using iThemes Security Pro to tighten security even more and keep my site from being under attack.

Sucuri
While I don’t currently use this service, I have used it in the past for one of my clients and really liked it. This service is not only for WordPress and supports many other platforms. The system scans for Malware and will clean it up as well. They can also help with blacklist removal and repair. To me, the best part of the service is that they will help you remove the malware from your site, not just tell you it is there.

I am not being compensated by any of these companies mentioned. I use them now or in the past and have been happy with the results. I do install and configure BackupBuddy and iThemes Security Pro for clients, so if you do need any help just let me know. If you don’t have any security tools on your WordPress site, please add it to your to do list.