How to Secure WordPress Website using iThemes Security
hi everyone in this Post I gonna to show you over five Method to secure and Protect your WordPress website.
now thankfully most WordPress hacks are completely preventable and in this Post, we’re gonna give you the tools that you need to lock down your site.
the first tip keep your software up-to-date
now the very first tip we have for use to keep your software up-to-date. updates not only include cool new features and bug fixes. that can also include critical security updates.
not too long ago Apache release in the news that they had a security vulnerability which was easily exploited in a version of their software.
thankfully when they released that news they also released a security patch to squash that vulnerability, unfortunately, equi hacks didn’t heed this warning which led to someone taking advantage of the exploit and compromising their site which led to tons of people’s information being breached.
now how they just updated and passed this exploit that would never happen so they officially have no excuse and neither do you when it comes to updating using the I theme security Pro version management feature.
you can automatically update or press core plugins and themes so you can rest assured knowing you had the latest security patches on your site.
Use Strong Passwords
the next tips we have for you is to use strong passwords. it’s important that you do not reuse passwords and have a unique password for every site I would suggest you use a password manager like LastPass this way you can easily generate random and secure passwords you can keep track of all your unique and strong passwords and you can take advantage of the autofill feature you will also want to have a password management plan for all your privileged users using a WordPress security plugin like Itheam security Pro you can force all your privileged users to use strong passwords you can also refuse the use of compromised pastures I think security Pro-Tex advantage if they have I’ve been pawned API the have event pond API has a list of credentials that are known to be compromised this means any time a user is changing a password on your site it will quickly run it against the known compromised credentials allows you to refuse the use of any known compromised password.
the next step we have for you is to use two-factor authentication for your logins two-factor authentication has a very strong layer of security by requiring a unique token along with the username and password in any method a two-factor is better than none but some are better than others if at all possible try avoid using the text messaging method of two-factor as it is the least secure of all your options I would recommend using the mobile app method for two-factor you can use a mobile app like Google Authenticator or Athene to receive a time-sensitive token in order to login using either your security Pro you can easily configure two-factor for all of your users.
Run Malware Scans
the important we have for you is to run malware scans it is important to consistently audit the health of your site you want to know as quickly as possible.
if your site has become compromised so you can take the necessary steps to get it cleaned. Itheme security Pro will automatically scan your site twice daily using the security malware scanner.
Backups of Your Website
the fifth tip is to make backups of your website it’s important to create a backup schedule that stores your backups offsite you will also want to make sure that you’re automatically scanning these backups for malware you’ll want to practice restoring your site from a backup so you’re familiar with the process the reason why having a backup schedule is so important to your site security is allow you to quickly restore to a state prior to the site being compromised using backup buddy stash live you can automatically back up any changes made to your site the encrypted backups will be stored on an off-site location and automatically scan for malware I’m including a link in the comments to a webinar I did over the same topic I will have much more detailed coverage over every single tip and please don’t forget to subscribe if you want to see more coverage of all things WordPress