Whith WordPress becoming the most popular CMS (content management system) solution out there the question of how to keep it safe is also becoming more and more relevant.
There are sources saying that WordPress market share is currently over 60% i.e. that out of all CMSes used on the internet more than 60% are built on WordPress. The number of sites using it on web regardless if they use CMS or not is 30% meaning that one known vulnerability has the potential of taking i.e. infecting 30% of websites on the internet.

So what can you as an owner to tackle this fact?

5 critical elements to keep your WordPress site fortified

1. Keep the core and plugins up to date

WordPress is really user friendly when it comes to core and plugin updates and it will notify you in its dashboard when a new release is available. Depending on your configuration it will usually be enough to do a few clicks and update the site. Key precaution here is to take a backup of the site before doing the same to have a failback in case anything does go wrong.

With this said it is surprising how many websites do not perform this regularly and each missed update means your website is open to attacks based on a known  vulnerability.

So do keep your CMS and plugins up to date!

Update your WordPress

2. Keep your server tidy

This one is a bit technical but in general rule of thumb and something to communicate with your developer is to avoid having multiple websites in the same server environment.

So don’t keep all apples in the same basket, especially if they are of different sorts (WordPress, Drupal, Joomla! etc.) and in different stages of life (development site and live site). The rule of one rotten apple really applies here and although it might seem practical at a certain point, it is bound to cause you issues in the future and it presents a huge security liability.

3. Update your passwords regularly

In the last years we’ve seen that even big companies leak information and what is worse it is often customer private data and passwords. So no matter what, it would be key to update your passwords and make them strong. The same goes for your WordPress admin user!

The next rather related step is to always review all the admins you do have in there and check their permissions – limiting power if it is not needed is always better as it minimizes the chances of that user becoming an entry point.

Password updated
Encrypt your website with SSL

4. Encrypt the site with SSL

Now here is an interesting one – Encryption of the site with SSL. We already mentioned why SSL is important and then we also offer a free SSL option with our Firewall  but what is worth repeating is that SSL encryption of the site does not prevent hacks of the site. SSL is key here to encrypt the communication between visitors and server and thus “masks it” so that hackers can’t “eavesdrop”. So in this way it protects that communication and info and of course in that way also prevents hackers to gather info that would allow them to use it for malicious purposes.

Additional motivator to get your site served with SSL encryption is because it improves your SEO!

5. Use a proactive antimalware tool

Now with all said, new strains of malicious infections show up almost daily and for an average business owner that can’t afford their own security team it is difficult to keep track of it all.

And here is where a proactive service in the form of a firewall (or scanner) is critical. You also might already have a situation where your server is not the tidies, or there are some customisations on the site that don’t allow you to update a certain element on the site. SharkGate Firewall  takes care of that and provides what we could call a strainer 🙂 – it has learned and been updated with the patches for all known vulnerabilities hitting WordPress sites and accommodating servers so it filters and blocks all the calls to your WordPress website that are malicious in form.

Ok, there is a bit more science there, but the point being it aliveites you from constantly checking updating and reviewing your website.

SharkGate firewall

Although the internet has become this hectic place with changes happening daily, if you follow these very simple steps your website will have a safe sail. Of course, if you have more questions or need more advice do turn to our team as website security is our passion.

We Can Help Save Your Business



WordPress website defaced ? If we don’t fix a defaced website in less than 1 hour then we do it for FREE!. Luckily for us we are very good at fixing sites fast!