WordPress security review 2020

One of the most popular content management systems is WordPress.

Why? – easy to operate, there are thousands of themes and plugins, you can create any site. It is not surprising that with such a set of advantages, WordPress “lives” in 35 % of all sites on the Network.

But the popularity of WordPress pays for those who often come to the attention of hackers.

That is, the main focus when using – the protection of your WordPress site; and no matter, it is a personal blog business site.

If we talk about WordPress security, users are usually divided into those who take security seriously and take all necessary measures, and those who rely on the case…

To understand the situation, we recommend sometimes going to the Internet statistics page, where you can see the number of sites hacked daily.

 

So that your site doesn’t end up in this list:

  1. Choose a hosting company with security features

The first step to protecting your WordPress site is to invest in a hosting company that implements proper security features. This includes support for the latest versions of PHP, Apache and MySQL, firewall and constant security monitoring; backup and scanning by antivirus programs and measures to block DDOS.

The hosting company is the first barrier to the site, and the additional costs will definitely pay off.

  1. Strong passwords
  2. Select a user name other than the default
  3. Create a member or editor account to work on the site.
  4. Configure the backup plugin
  5. Replace the address of the admin area (admin panel)
  6. Protect your computer (server)
  7. Change the database prefix of the site
  8. Check the access levels to .htaccess and wp-config.php
  9. Check and change the file access rights.
  10. Preferably-two-factor authentication
  11. Disable XML-RPC for mobile systems
  12. enable the mandatory use of HTTPS and SSL
  13. Disable editing themes and plugins via the control panel
  14. Change the security keys
  15. To disable error reporting in WordPress
  16. Delete or change the WordPress version number
  17. Implement security headers
  18. Select the time interval for the inactive user to log out of the session

WordPress is a powerful system that makes it easy to create a website, and if you follow our advice , you will be on your way to creating a secure site.