How to Secure WordPress Site: 7 Tips To Make Your WP Protected
By Fernando | December 21, 2021
Learn how to secure WordPress sites easily with these 7 steps.
There are million so of WordPress sites on the web and hackers and malware impacts sites that are not well protected.
In this guide will we will show you the 7 things you can do for your site hosted via the SeekaHost.app
The must-have tips to stop hackers from gaining entry to your site and keep all your data secure.
7 Important Steps To Secure WordPress Site
Step 1 SSL Certificate
Having a valid SSL certificate on your site protects you a huge amount. It makes sure that data passed between two servers or web browsers stays secure by using an encryption link.
This means you can fill in forms, complete payments and so on without the fear of people being able to steal your data.
For all the websites and blogs hosted with SeekaHost.app you will get a free SSL certificate, you can easily activate it with the 1-Click installer.
To do this on SeekaHost simply head to your client area from the main site. Sign in and select the site you want to add SSL on by tapping the blue action button.
On the right-hand side of the screen, you will see an option of SSL as in the picture below.
Now click on there and switch the SSL on, you might get a message saying that it’s unable to due to name servers or propagation. To solve this you need to make sure your name servers from your current server hosting have been added to your domain name servers.
Visit and log in to the site that you purchased your domain from. Login, and go to change name servers. Change it to custom name servers and then copy and paste name server 1 from your current host to your domain name servers.
Repeat the process for name server 2 as well. Now just save the settings, come back to your site and click SSL again and it will work.
Step 2 User Name
Don’t set up and leave your user name as Admin. Many people make this mistake and it makes it much less work for someone to hack into your account. Using a hard to guess user name with letters and numbers will make it much harder for an attacker to gain access. If your user name is admin and they guess it then they have got halfway to gaining entry to your account already.
Step 3 Keeping Up To Date
Keep your WordPress site up to date. You can check this by clicking the updates option on the left-hand side of your dashboard. Not only this but keep your Plugins and Themes up to date or delete them if you arent using them.
The reason for this is due to security breaches on plugins, WordPress etc and they will release updates to fix the breaches. So by staying up to date you are making sure to have the most current safety features installed on your site and plugins.
Step 4 Download From Known Sources
Do not download from shady sites, from plugins to themes there are many sites that offer free services. However, what you don’t see is the potential virus threat in downloading and running these on your pc or site.
The WordPress site has many free themes and most of the best plugins are already free to use. Don’t be tempted with sites claiming to offer premium plugins for free also. Stealing your data can be worth a lot to these people so they will try to gain access to your files in many different ways.
Step 5 Using Strong Passwords
As I’m sure you are aware, creating a strong password will in fact keep a majority of attackers unable to access your site. Although you may think that your normal password with a few symbols might be ok. I cant assure you that a program running thousands of passwords through your site every 5 minutes will inevitably guess that. Compared to a password like 3h4j3j6873hdh!!dkm% where even with a program running hundreds or thousands of variations would struggle to find.
Save this somewhere either by writing it down or potentially storing it on another device that’s not connected to the same network. Preferably a USB stick that you don’t keep connected to your main PC.
Step 6 Keeping Your PC Secure
Keeping your own PC secure is a huge part of keeping your site safe. If your computer is compromised by attackers, they can steal valuable data install ransomware and do many other things you don’t want.
Make sure you have an anti-virus program installed, if you have windows the windows defender will do just fine also. Make sure to keep them up to date and also run frequent virus checks.
Another major one is watching what you download. Like I’ve mentioned on previous occasions if something looks too good to be true, then it is.
Step 7 Security Plugins
Adding a good security plugin will help in many ways. As in the video, I suggest iThemes Security.
You can easily set up good general protection for most aspects of your site in a few clicks. It also includes a large amount of optional extra features that you can configure.
3 That I suggest changing are:
- Enable Security Check and secure site.
- Hide Backend and change your login URL so it’s not /wp-admin.
- Local Brute Force Protection and decrease max login attempts by the user.
Bonus Step To Secure Your WordPress Site
Create backups often. Use a backup plugin or get one via your SeekaHost client area. This ensures that even if the worst happens and your site gets attacked. You will still be able to upload your site back up in full health and keep peoples data secure.
How To Secure Your WordPress Site Video Tutorial
Now that you have completed all these steps you can rest easier knowing that you have secured your site well. Yours and your user’s data is been kept safe and you can carry on building your site with peace of mind.
Thanks for reading this article and happy WordPressing!