Sabir Abdul Gafoor

PHP Programmer

click hereTo know more about this author please  

WordPress development tutorial to secure your WordPress site – WordPress security tips

on October 2, 2013

WordPress security is a favourite amongst web developers, especially when we start off. Throughout the development journey you’ll observe that Malwares, Spywares, Rogue softwares and the lot are everywhere. As a beginner you take the effort to develop your website for yourself, or a client and someone goes and hacks into it leaving your system paralysed and leaving you helpless. So what do you do in such an instance? Simple! You follow the simple steps below to moving an inch closer towards WordPress security..

1. Install a security plugin

wordpress security

WordPress plugins are popular and available in galore. And thus we advise you to install the All In One WordPress Security  plugin. All In One WordPress Security uses an extraordinary security points grading system to measure how well you are protecting your site based on the security features you have activated.

Watch this video for more information

This plugin will make your WordPress site secure.

2. Strong password

wordpress security
Hackers are always on the lookout to hack your site by typing in random passwords that help them gain access to your site. Different hackers have different techniques that have been well-tested, experimented and successfully implemented to hack your site. Starting with the basics like password123, password@123 or something that is common for trying each one until they find what they’re looking for.

What do you do?

Make sure your passwords aren’t easy as:

  • Password
  • 123456
  • 12345678
  • Qwerty
  • abc123

WordPress being one of the most endangered species amongst the web developers and hackers world, we advise you to set strong passwords for WORDPRESS/FTP/SQL accounts and use one-time passwords for WORDPRESS/SQL/FTP/SSH accounts.

1. SQL – Structured Query Language

2. FTP – File Transfer Protocol

3. SSH – Secure Shell

A strong password consists of uppercase, lowercase, numbers and symbols. Eg : X^45@rts*S

You don’t have to go all crazy like the example above, but the idea is to use a more complex set of characters that would be very difficult to guess that thereby secures your website.

3. Backup your system

wordpress security


a. Website backup

You need to back up the entire site. It includes WordPress installations, Plugins, Themes, images and files and static pages. You need to backup these files and store them on your hard drive once a month. You can copy the files to a folder on your computer. In the event of anything going wrong you can re-upload the files onto the server and everything’s back to normal.

b. Database backup

Your WordPress database contains every post, comment, pages and every link you have on your WordPress site. If your database gets corrupted or hacked, you stand to lose everything you have written. There are many reasons why this could happen and not all are under your control. With a proper backup of your WordPress database and files, you can quickly restore things back to normal. Here are the some plugins.

  1. BackUpWordpress

You should schedule the backup.

4. Updating WordPress, themes and plugin

 Wordpress site has three important updates:

  • The actual WordPress installation
  • Themes
  • Plugins.

However, before you begin updating any of these items, you should make sure that you have a current backup. This is important because sometimes these updates don’t go as well as planned and you need to restore a previous version of your site. Additionally, you might have made some modifications to your theme or plugin and forgot about the changes you made. Having a backup can leave you rest assured in such a situation.

Everything is working just fine, why should I touch plugins?

WordPress updates are often issued for the purposes of fixing potential security issues. If you do not update them frequently, you are just about guaranteed to get hacked at some point.

5. Scan for website content

wordpress security

You must scan your content using an effective antivirus software to make sure it doesn’t contain any spam files or malicious content. Sucuri SiteCheck is a free online website malware scanner. Sucuri SiteCheck scanner will check the website for known malwares, blacklisting status, website errors, and out-of-date software.

You can access the software through

..And that’s securing your WordPress website! Did this help you? Is there more that you’d like to share ? We’d love to hear from you!

Posted in: All Articles, Web development

Leave a Comment (3) ↓
  • Ferial

    Great post. I was worried about security of my site and was looking for some sort of guide or plugin to help me. I like the idea of security plugin and I’m gonna give it a try.

    • Enterprise Social Media

      Ferial, glad you liked the post. Follow us on Twitter for more insights into the web development and Social Media world. Stay Tuned!.

  • Pingback: 10 Reasons Why Website Development Is Integral To Your Online Marketing Strategy()

Read previous post:
Behold the all new Facebook iOS7 app
Behold the all new Facebook iOS7 App

With Apple releasing the iOS 7, there has been a flutter in the social media world as well. Right after...