Protecting Your Word Press Website 2017

Share This:

If you like my work show support on my Patreon
Word PressOver the years that I have used Word Press as a blogging platform I have recieved much traffic on my blogs. This traffic has increased the risk of hackers trying to attack my wordpress sites. Because of this I’ve had to focus more closely on protecting my blogs.

In this post I will talk about some things I recommend using to protect your word press site. Unlike my previous post about protecting your website which talked about website security in general here this is specifically about word press security.

SSL Certificates

SSL certificates are great in many ways. They improve your position in Google and other search engines. They also are an encrypted protocols. They costs money and the price range can be between a few dollars a year to a few hundred per year. If your not making money on your site, I wouldn’t recomend spending a lot on one, but if have the money to invest in an SSL it is best that you do so.

AntiVirus and Firewall Plugins

Many viruses are written for Windows users but Mac users and Linux users are the ones who spread them. Mac and Linux users don’t usually have Anti Virus software that scans files for viruses. So they will often have files that are infected, but they will be unaware of the malicious nature because they are immune to them.

This is why I recomend installing an Anti Virus plugin on your word press blog. I use WordFence.

Setup 2FA

2FA is Two Factor Authentication. The way it works is you first must type your credentials into a site to login. And before you can access the site you will be required to enter additional credentials which are random and usually sent to your phone. Once you provide your second set of credentials you can access the site.

A good plugin that helps provide 2FA is the Authy Plugin.

Change Password Salts

If you know anything about login systems online, then you most likely know that simply hashing and encrypting your passwords isn’t enough. You need to add a a special string of characters to the password hash. This is good because simply knowing the password and encryption type does nothing unless you know the string that is added to it. This string is called a salt.

Unfortunately if an attacker finds out the salt you use then your vulnerble again. So changing the salt regularly is a must. Luckily Word Press has a nice little plugin to help with changing password salts. It is called Salt Shaker. And you can set it to change salts, daily, weekly or monthly.


Fight Spam with Akismet

Sifting threw thousands of spam comments to find one real comment can become difficult.

Akismet is designed to automatically delete any spam comments it finds so you wont have to review the obvious spam comments.

If you like my work show support on my Patreon