Keeping Your WordPress Installation Current & Secure
In a recent newsletter we strongly recommended that our customers take a few basic steps to keep their WordPress sites secure. We’ve now added articles to our help library to assist you in the regular maintenance of your WordPress installation. Whether you’re a Slamdot customer or not, if you have a WordPress site, it’s a good idea to follow these guidelines!
If your WordPress username is currently “admin,” we recommend changing it to something unique.
- Why is this important? Both malicious individuals and malicious software applications may attempt to hack into your WordPress site, sometimes for personal reasons but more likely simply because they are seeking to break into any WordPress site that they can gain access to. Because “admin” is the default WordPress username it is the first username that hackers will try. If your username is “admin” then you are relying solely on the strength of your password for security. Changing your username to something unique makes it that much harder for anyone to crack your username/password combination!
We recommend keeping your WordPress install up to date.
- What does this mean? Like most software, WordPress is regularly updated and improved by its developers. New versions of the software come out frequently, but in order to make use of the improvements you will have to upgrade to the new version.
- Why is this important? WordPress is constantly improving, and staying updated will allow you to take advantage of the newest features and interface improvements. However, even if you don’t update your site often, keeping WordPress updated is important. As stated above, hackers frequently look for ways to break into WordPress sites, and new versions of WordPress include the most current security measures. Keeping your software updated will help protect you against these attacks.
- How often do I need to do this? If you update your site frequently, you should update your WordPress and plugins (more on this below!) any time you log in and see that there are updates available. If you do not update your site frequently it is a good idea to log in every three months to update your software.
We recommend keeping your plugins up to date.
- What does this mean? Because plugins are pieces of software that are independent from your core WordPress install (for a more thorough explanation of plugins, see last week’s blog post) they will need to be updated separately from WordPress itself.
- Why is this important? When you update your WordPress install, it is possible that changes to the core system will cause your plugins to function differently or not function at all. When changes to WordPress affect the functionality of a plugin there will usually be an update to that plugin that keeps it compatible with the newest version of WordPress.
- How often do I need to do this? You should update your plugins whenever you see that an update is available. If you do not update your site frequently, update your plugins when you log in every three months as recommended above.