Keeping your WordPress site secure is a shared responsibility between you, your web host and designers and developers of WordPress software.
As a site owner you don’t want to bury your head in the sand when it comes to protecting your site from the bad guys.
Fortunately, you don’t have to do much to harden your web site.
All of the resources discussed in my webinar, “Web Site Security For The Solopreneur” – and a few that weren’t – are here.
Plugins And Services
Some of these – like the Google Authenticator and Limit Login Attempts are single purpose plugins making them simple to set up and use. Others like Wordfence and Sucuri provide a suite of protection applications and are more difficult to understand and use.
- Google Authenticator – WordPress Two Factor Authentication (2FA)
- Limit Login attempts
- Stop User Enumeration
- WPS Hide Login
- User Role Editor
- Activity Log
- Website File Changes Monitor
If you are going to use a protection suite choose between the Wordfence, Sucuri OR iThemes Security plugins. Do not use more than one of these.
- 5 Common WordPress Security Issues
- 7 WordPress Security Best Practices
- 7 Best WordPress Security Plugins
- 16 Best WordPress Security Plugins to Lock out the Bad Guys
There are countless articles on the web to help you understand the nature of common threats to your site.
Some of these articles are pretty technical so don’t say I didn’t warn you!
- WordPress Security Threats in 2020 and How to Prevent Them
- The Complete Guide to WordPress User Roles and Permissions
- iThemes – Blog
- How Firewalls Work
- Why Choose An Endpoint Firewall Like Wordfence
- A complete tutorial to cross-site scripting
- 2018-2020 Ransomware statistics and facts
- How to Protect Your WordPress Site from Brute Force Attacks
- Ransomware Facts, Trends & Statistics for 2020