Protect Your Site
Be sure to take measures to protect your content and your site.
Backup Your Site Regularly: Institute a process to back up your site regularly. It’s best to have a process that happens automatically, so you don’t have to remember to do it. If anything happens to your site, you’ll be glad you did.
Check your web hosting plan to see what options they offer. For instance, Bluehost includes regular backups in their hosting plans and also offers a service with a few more features for an annual fee of around $12.99. Web hosts don’t actually guarantee their back-ups, so you may want to supplement any service they provide with another means and keep a backup copy in another location. For instance, BlueHost has a tutorial video that shows you how to back up your site yourself so you can keep copies of the files and database in a separate location.
Automatic back-up options also include free “plug-ins”, such as WordPress Backup to Dropbox, BackupWordPress, BackWPup, UpdraftPlus Backup or XCloner, paid “plug-ins”, such as VaultPress ($55-165/year), or software, such as SiteVault (starting at $39 one-time fee for up to 5 sites).
Keep Up-to-Date: Make a practice of updating to the newest version of WordPress, plug-ins and other software so that new security updates are included. Delete old WordPress plugins.
Avoid Spam: Install a spam plugin. Akismet, a popular antispam plug-in that catches comment spam on blog is free for personal blogs and websites and $5/month for commercial sites. Other antispam tools include Antispam For All Fields, Invisible Captcha (for visitor comments), CryptX (to hide email addresses from spiders). If you are getting a lot of spam, consider disallowing comments (you can allow them on specific posts or pages only) and/or unchecking “trackbacking”.
Choose a Reputable, Secure Host: So far, I’ve been very happy with BlueHost. With another host I used previously, I did have to transfer a site because of repeated hacker attacks.
Choose Strong Passwords: A strong password contains at least 7 characters and a mixture of upper and lower case letters, numbers and symbols. Don’t use the same password across accounts. Choose different passwords for your hosting and WordPress logins. Make sure your associated email address has a strong password as well.
Don’t Use the Default “admin” as your WordPress Username. Choose something different and more complex. This is a big factor in preventing hackers from taking over your site. Change it when you first install WordPress if possible. If you have to change it later, take care to follow WordPress’s directions precisely (or get help…) to avoid inadvertently deleting content.
Post a Copyright Notice.