Abepe - Design, Development, WordPress, Website Hosting, Domain Names, Digital Marketing, Social Media, Print.
  • Home
  • About
  • Portfolio
  • Clients
  • FAQ
  • Process
  • Blog
  • Contact
Securing your WordPress website in under 10 minutes

Securing your WordPress website in under 10 minutes

May 11, 2017Website GuidesAdrian

Securing your website starts with using a secure username and password. Believe it or not a lot of people still use easily guessable usernames and passwords including their company name or something equally as insecure. This sounds ridiculous, but surprisingly I see this time and time again.

It’s also a good idea to use a secure method to store your passwords. Most modern operating systems include a system to do this or you can use 1Password or Lastpass.

This applies not only to WordPress but for E V E R Y W H E R E you use a password.

Update your username and password

By default it’s not possible to update your username but theres a plugin for that simply called Username Changer.

Install the plugin, change your username to something less obvious then deactivate and delete the plugin.

You should then update your WordPress admin password to something impossible to guess. The latest versions of WordPress include a strong password generator for this.

WordPress security plugins

In the past few years a lot of great security plugins have been popping up due to the large increase in WordPress hacking attempts.

Sucuri is great for scanning for bad code and hardening the parts making up a WordPress installation.

Wordfence is great at detecting suspicious login attempts (basically anyone who isn’t you or someone you know) and blocking them so they cannot get into your website. It also checks everything is up to date and monitors traffic

Both plugins are free and have premium options for more advanced functionality.

Once you have installed these plugins you will need to carry out a few quick steps to set them up.

Sucuri basic setup

You will see a notice “Plugin not fully activated yet. Please generate the free API key to enable audit logging, integrity checking, email alerts and other tools.”

  • Click Generate API Key, select your email address and click Proceed
    If you keep seeing the API message, you may need to contact support [at] sucuri.net to have them manually add your site
  • Go to Sucuri Security in the left menu
  • Go to the Malware Scan tab and click Scan Website
  • If everything is clean go to the Hardening tab
  • Scroll down and click the Harden button in each row with a red warning*
    * Website Firewall Protection is a paid feature. You don’t absolutely need it but it will add an extra layer of protection to your site.
  • Go to your site and refresh to check everything is still working

I’m getting loads of emails!

After some time you might notice you receive a lot of emails alerting you of unsuccessful login attempts. To turn off this email notification go to Sucuri Security > Settings > Alerts [tab] and un-tick “Receive email alerts for failed login attempts (you may receive tons of emails)”.

You can also edit other email alerts from this page.

Wordfence basic setup

  • Go to Wordfence in the left menu
  • Click Start a Wordfence Scan
    Since you previously updated WordPress and all plugins in the previous post, the scan should be clean
  • Scroll down to New Issues and check for anything requiring attention
  • If everything has been done and the scan is good you will see a message “Congratulations! No security problems were detected by Wordfence.”

This is by no means a complete guide to setting up WordPress security, but with these steps in place you’ll be on track to avoiding a lot of potential headaches in future.

Next Steps

After you’ve backed up your site, update your WordPress site and all plugins to the latest versions and check everything is working. Install the Sucuri and Wordfence plugins, run scans and carry out the basic setup steps above.

In the next post I’ll be running through a few ways you can increase the performance pf your WordPress site quickly and easily.

Tags: security, sucuri, website, wordfence, wordpress

Related Articles

Optimise your website to help get more visitors

May 18, 2017Adrian

How to find the right web designer

February 17, 2017Adrian

I’m changing the way I work to help you!

March 27, 2017Adrian

RECENT BLOG POSTS

  • Quick and easy way to create quality video for social media
  • 6 things you can do to make creating content easier
  • Optimise your website to help get more visitors
  • Securing your WordPress website in under 10 minutes
  • Update your WordPress site and plugins yourself
  • Where to start when managing your own WordPress site
  • Add features to your website with no technical knowledge
  • Design your website theme quickly
  • Get your new website up and running quickly
  • Setting up low cost website hosting for your WordPress site

BLOG CATEGORIES

  • Productivity
  • Small Business
  • Website Guides
  • Website Tips
WEBSITE CARE
SUPPORT

JOIN OUR NEWSLETTER

Sign up today for free and be the first to get notified on news and updates.

Email
Facebook
Twitter
LinkedIn
© All rights reserved Abepe. All photography by Adrian Griffin.