How to Secure my Website from Hackers?

This is a very important guide for clients who have not purchased our maintenance and security plan.

Website hacks and malwares are getting more frequent, is is highly likely that your website may be hacked once you start getting more visibility especially on search engines.

In our Maintenance and Security plan, we cover the following prevention measures:

• Weekly Website files scanning for exploits
• Updating Plugins/PHP and Wordpress Versions to cover any existing loopholes
• Obscuring Common Wordpress File Paths to prevent bot checking
• Brute Force attack prevention ( Captcha and IP Banning )
• Server Firewall
• Using SFTP and turning off access
• SSL Installation
• Weekly Backups on Server and on Website

What if I don't want to subscribe to the maintenance and security plan?

If you would like to secure the website yourself, we recommend the following steps.

Ensure you backup your website frequently

If anyone manages to hack or change your website files, you can quickly revert to the last backup to reverse any changes. However this does not remove the initial loophole or exploits that the hacker has used. Make sure to check security forums on the plugins that may be vulnerable.

Never reveal your login credentials

Keep your login credentials for your server and your wordpress site safe. If you have to hand it to a contractor, make sure you delegate access only or if you can't, make sure you change your passwords after they have done their job.

Keep your Plugins Updated

Hackers gain access to your website through plugin vulnerabilities. Plugin developers are always coming up with updates to patch this vulnerabilities so make sure you keep your plugins updated.

Also avoid downloading free plugins from authors that you do not trust as they may contain malware.