By Don Yates
SEO only helps your website if you and users can access that website. Hackers can take over your website and destroy all your hard work or hold the site hostage for ransom.
There’s a couple of free methods in which you can protect your site. One is a WordPress plugin called WordFence. WordFence is very effective in helping stop hackers from invading your webspace. Over a million websites are already using WordFence. WordFence has a five-star rating from over 3,000 reviews. That’s unheard of. WordFence is free but they do offer a premium upgrade. The free version gives you really good protection. It takes only about 5 minutes to install WordFence and then you at least have something to hopefully thwart hackers.
Most hacker attacks are brute force attacks that work to steal your administrator password. If they get that, you’ve got some problems. They’ll take over as admin and you are pretty much going to be pulling your hair out for a few days.
Implementing 2-factor login on your site is probably more crucial for securing your site than installing WordFence. What this means is when you log into your admin account in WordPress you’ll also get prompted to enter a code. That code will be found in your cell phone, or email or text; whatever you chose as a secondary verification. It’s not difficult to setup and doesn’t cost anything.
First, you set up an Android authenticator app on your cell phone. Google Authenticator‘s app is very popular but there are many others you can try. Once you get the app installed (5 minutes), you need to install and 2-factor login plugin. Just search WordPress plugins for “2-factor authentication.” Pick one that has been downloaded at least 1,000 and has good star ratings. When you have installed both the app and the plugin and followed the instructions on how to integrate those two tools, then you’ll be protected. Someone must have access to your email account or cell phone in order to login to your admin account.
Other tips for better WordPress site security include keeping plugins and your WordPress version updated. Many times the reasons developers update plugins is to correct security vulnerabilities discovered in those tools. Developers are constantly playing a cat and mouse game with hackers. If you don’t keep your plugins and Wordpess updated, you may be leaving holes in your site’s security.
Following these tips doesn’t guarantee that your website won’t be attacked. However, you should have better protection than before.
Please comment below with your suggestions and questions.