Hi. Welcome to Beginners’ guide to WordPress Blogging: 12-day challenge. Today we will be reviewing “Securing WordPress”.

My name is Catherine M. Egwali and I will be your instructor for the next few days. I work at Switem Technology Solutions and I am one of the co-founders of the company.

Switems Technology Solutions is an ICT company that helps startups and SMEs grow their business, income, achieve set goals and solve problems by using technology solutions.

Some of the services we provide include domain registration, Hosting, WordPress Website Designs, E-commerce Website Designs, WordPress Hosting, Managed E-commerce Hosting, Payment Acceptance Solutions as well as other technology solution services.

Over the next few days, I will be taking you on a journey to understanding how to use WordPress to start a website or a blog.

If you have ever asked any of the following questions, after going through today’s lesson, you should be able to easily answer any of them.

1. How do I secure my WordPress site?
2. How do I harden WordPress?
3. Is WordPress secure?

WordPress was created with security in mind.

However, a chain is only as strong as its weakest link.

Listed below are some ways to ensure your site do not get hacked easily.

1. Keep WordPress core up-to-date

2. Keep installed themes and plugins up-to-date

3. Ensure you delete themes and plugins you do not need even if they are not activated.

4. Use secure passwords for your user account. It can consist of alphabets, numbers, uppercase, lowercase and special characters

5. Ensure you enforce the use of strong passwords for all users.

6. Avoid using admin as an account username on your site

7. Only download themes and plugins from secure and trusted sites such as the official WordPress directories or marketplace like Envato

8. You can use two-step authentication on your site i.e. you would need an additional sign in process in addition to using your password. The second sign in could involve using a PIN sent to you via SMS etc. Google Authenticator is an example of a plugin that can help with this.

9. Install a firewall on your website. Installing Wordfence can get a firewall set up for your site/blog

10. Limit failed login attempts by installing Wordfence or iTheme Security plugins. Login LockDown is also another plugin that can help with this

More ways to secure WordPress

11. Only create and grant the necessary access rights to those that need them e.g. do not give commenters administrative accounts/privileges on your site

12. Conduct regular security scans on your website. You can use plugins like Securi Security or Wordfence.

13. Avoid downloading premium themes and plugins from illegal sites. You might end up with downloads corrupted with malware

14. Disable error reporting on your site. Only enable it when troubleshooting issues. Error reporting often provides details to your server path. Hackers can use that information to attack your site.

15. Install an antivirus on your computer/device. Ensure your computer/device is free from viruses/malware. If your computer is infected you may end up infecting your website especially if you transfer files to your site.

16. Keep track of and review activities on your WordPress site by using plugins such as WP Security Audit Log

17. Do not use the default WordPress table prefix. Change it to something else. This can help prevent hacking via sql injection.

18. Use SSL certificate for your Site so that passwords and other personal details are encrypted when used on your site

19. Review your user accounts regularly and delete obsolete accounts

20. Backup your site regularly and have copies offsite.

21. Secure access to important files e.g. wp-config.php, .htaccess, on your hosting account so as to prevent unauthorised persons from making changes to them

Review of Beginners’ guide to WordPress for blogging: 12-day Challenge

Day 1: Introduction to WordPress, Domains and Hosting

Day 2: Installing WordPress

Day 3: How to login to your WordPress Dashboard

Day 4: How to change WordPress General Settings

Day 5: Adding new users to your WordPress site

Day 6: What is a WordPress theme?

Day 7: What is a plugin in WordPress? List of recommended plugins for bloggers

Do you have questions pertaining to TODAY’S lesson?

Join us in our Facebook Group where we will be answering questions to each lesson’s post. To ask and get your questions answered, ensure that you post your question as a comment under the Lesson Question Post Of The Day. Each day’s lesson questions must also be asked during the training period.

Thank you for participating. See you tomorrow.