[et_pb_section bb_built=”1″ admin_label=”Section” fullwidth=”on” specialty=”off” background_image=”http://ratherpoetic.com/wp-content/uploads/2017/04/easywpsecuritycropped.jpg” transparent_background=”off” allow_player_pause=”off” inner_shadow=”off” parallax=”off” parallax_method=”off” padding_mobile=”off” make_fullwidth=”off” use_custom_width=”off” width_unit=”on” make_equal=”off” use_custom_gutter=”off”][et_pb_fullwidth_post_title admin_label=”Fullwidth Post Title” title=”on” meta=”on” author=”on” date=”on” categories=”on” comments=”on” featured_image=”off” featured_placement=”below” parallax_effect=”on” parallax_method=”on” text_orientation=”center” text_color=”dark” text_background=”off” text_bg_color=”rgba(255,255,255,0.9)” module_bg_color=”rgba(105,93,98,0.5)” title_text_color=”#ffffff” meta_text_color=”#ffffff” use_border_color=”off” border_color=”#ffffff” border_style=”solid” custom_padding=”||25px|” title_font_size=”52px” meta_font_size=”22″ title_line_height=”1.3em” meta_line_height=”1.3em” date_format=”F j, Y” /][/et_pb_section][et_pb_section bb_built=”1″ admin_label=”section”][et_pb_row admin_label=”row”][et_pb_column type=”4_4″][et_pb_text admin_label=”Text” background_layout=”light” text_orientation=”left” use_border_color=”off” border_color=”#ffffff” border_style=”solid”]

I know. It is not exciting or interesting, but WordPress Security is important for the ongoing welfare of your website.

You might be thinking “but my website isn’t super famous” or “I don’t even take payments through my website” or “I only have a landing page”. The fact is that none of that matters to hackers + bots and I don’t know why. Clearly I would make a terrible hacker.

What I do know is that none of those things are a deterrent for web bad guys, but here are a couple of things that are.

Easy WordPress Security Tip #1
Have a mysterious username

Hackers + bots need two pieces of information to get into your website, a username and a password. And while it seems like having your username isn’t a big deal if they don’t have your password, it does get them halfway there and why help them if you don’t have to?

When you first set up WordPress, it will offer you a default username of “admin”. Politely decline this very kind offer. Also, don’t use other obvious usernames like your website name, or your name. As an example, for this website, the list of usernames I skipped right past looks like this:


So what can you choose?

You have lots of choices. You could use an old family nickname, you could add in a meaningful date, you could use a character name from your favorite tv show or use a pet’s name. You can also mix and match these factors to create a completely mysterious username. The possibilities are endless, so go nuts.

Easy WordPress Security Tip #2
Have a strong password

Your password is probably the most important part of your website security system. I like to think of it less like the key to your website and more like the door with a lock. And if I had to choose a door + I would rather have that amazing Gringotts’s bank vault door + lock than a public bathroom stall door with 3 out of 4 locks broken and misaligned {you know what I mean…}.

So what makes a strong password?

I highly recommend at least skimming this article on what makes a secure password by mSecure {I don’t know anything about their service + this is not an advertisement for them, I just love this article :) }.

This article shares some scary statistics {like a computer can run through all the permutations of a 6 character password in less than 12 hours} and some killer tips on how to make your passwords more secure. I think this information is a great foundation for everyone in the digital age, but especially for site security.

After reading the information illustrated in the article, you can create a password based on words/phrases you want to remember {like the mountains -> m0unT@in$ in the article} or you can use a password generator. I always use a password generator for client sites because I now have too many passwords to maintain in my brain :) I like Strong Password Generator because you can set character length, include punction, and even tell it to avoid similar characters in a password.

Either way, a strong password is gold. It is an easy and super effective way to heighten the security of your WordPress website.

Easy WordPress Security Tip #3
Get a WordPress Security Plugin

WordPress security goes beyond a user name and password, and gets into the nitty gritty of IP addresses, 404 detection, database prefixes, and other exciting/confusing jargon. Because we aren’t all internet security experts, plugins are a lifesaver!

So what plugin to choose?

I have a favorite, although there are several options. My main recommendation is to CAREFULLY RESEARCH your security plugin. What kind of support do they offer? When was it last updated? What do people say about them on social media? Do they have set up tutorials?

I love and recommend iThemes Security from iThemes.com. There is a free version as well as a paid version of iThemes Security, and while both are awesome I have the pro version. It is the security plugin I use on all my own sites and it is what I install + configure for client websites. Also, the team at iThemes.com is absolutely fantastic and their customer service is outstanding.

One of my favorite things about the iThemes Security plugin is the step by step video tutorials that walk you through every feature of the plugin {free + paid} and gives you a crash course in what each option means. iThemes’ tutorials give enough information and a basic recommendation so you can customize your installation exactly how works for you. The very first video can be found right here and it is even great to watch before you purchase to see all of the feature that come with the plugin.

A WordPress security plugin can assist in so many pieces of WordPress security that I encourage you not to skip it. Take the time to research, install, and properly set it up. You will be glad you did.

And there you have it, my top tips for easily securing your WordPress website against unsavory hacker types. I hope these suggestions help you like they have helped me & my clients.

Peace + Bandwidth,


Leave a Comment

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.