Rounding the day off with one more Quick Tip post for your WordPress security with a few housekeeping items that may just make the difference:
- Only install plugins from WordPress – these will have been approved by the bods that know (this is not to say that plugins from other sources are not reliable, but you know that you can trust those listed by WordPress).
- Keep your WordPress and plugins, etc current – whenever you see a newer version available for update, do it (or get your Blogmistress to do it for you!).
- Activate your Akismet plugin if you haven’t already – just do it – it’s useful and does the job.
- In your Settings, General – uncheck the Membership - Anyone can register, unless you really want them to.
- Remove any unused plugins
- Backup! If you don’t already run a regular backup of your WordPress, well… Do it now – install WordPress Database Backup and schedule at least a weekly backup (more frequent if you’re a busy blogger
- Restrict bot access to private files by using your robots.txt file. Add the following to your robots.txt file (which is stored in the same place as your www.yourdomain.com/index.php file) if you have one, and if you don’t you can create one in Notepad and upload it using your ftp client (of give us a shout to help if you prefer)
Disallow: /wp-admin/
Disallow: /wp-include/
Disallow: /wp-content/plugins
Disallow: /wp-content/themes
Now – if any of this does not make sense, shout and we’ll help you. Or if you have tried and tested security solutions that you recommend, let us know. Today’s tips are be no means all that can be done – they are simply basic things that most of us can do immediately and which should offer a good level of security… at least until the hackers work even harder. But then WordPress developers are always hard at it to provide the highest level of security for us. Sadly, as WordPress becomes ever more popular, it makes it more likely as a target. Thankfully there are good geeks out there helping us keep things secure.
