Wordpress security is a topic that everyday users don’t usually think of. WordPress is one of, if not the, leading content management software available. Over 60 million websites use WordPress, and we don’t oftentimes hear about WordPress hacks or attacks. But they do happen, and you need to be able to protect yourself and your website. The good news? These two WordPress security tips are super simple and the payoff is huge!
WordPress Security Tip #1: Update Out-of-Date Themes and Plugins
Upgrading to the latest version of whatever usually invokes fear in WordPress users. They’re worried that the update will cause a portion of their site to malfunction, and while this is a valid concern (and is the reason why you should always back up your site before any kind of update!), let me ask you which is worse: a temporary malfunction or a major shut-down induced by an attack on your website? I think you know the answer.
The reasoning here? Many plugin and theme updates include security fixes. So always keep up to date on your updates. This applies to all plugins and themes, not just those that are activate–see below. This also means making sure you’re running the latest released version of WordPress, too.
WordPress Security Tip #2: Get Rid of Inactive Themes and Plugins
Just because a plugin or theme isn’t active doesn’t mean it can’t cause problems. Deactivating a plugin or theme means nothing to an attacker! Not only do they take up space and clutter up your account, keeping themes and plugins that you no longer use is a major security risk. Why? Hackers love to access your site through your wp-content folder. By deleting files that you no longer need, you minimize the size of the hacker’s playground and thus your risk of being hacked. Besides, you can always reinstall any plugin or theme if you find you need it again in the future.