WordPress is a commonly used CMS for creating websites, famous for its template system and huge plugin repository. Even though WordPress has been universally accepted as a web content management system, vulnerabilities caused by several plugins cost the website owners a lot. Main cause of vulnerabilities raise from wordpress instances that run with an outdated version.
Key points - To keep your site secure:
- Use strict folder and file permissions, specially for folders that accept media files.
- Keep your WordPress version upgraded to the latest always
- Install Wordfence and configure your email to get automated emails that informs about new version, plugin update, changes made in files if any
- Installing or swapping between trusted themes alone
- If you have bought a theme, keep the key or the account credentials. As you may need to grab the newer versions whenever needed.
- Always make your updates on the child theme
- Do not keep inactive plugins inside, if you feel a plugin is not necessary delete those.
- Prevent weak password - FTP, CPanel, WP login
How to determine the WordPress version:
- Check yourwebsite.com/readme.html
- Login to your backend, check your dashboard
- Right click on your webpage and view-source the code, you will find a meta tag generator
Plugins that could help you secure your websites:
- Plugin Vulnerabilities by WhiteFirDesign
- Wordfence
- Theme Authenticity Checker
We repair hacked themes, clean file injections and provide website cleaning support.
