A Simple Guide to WordPress Security

Your blog is your life, and your blog is what allows you to share your ideas and products with the world. WordPress is the most popular blogging platform in use, hosting the lion’s share of blogs online. Unfortunately, there are many different cyberthreats to your blog, and as a blogger, you have a responsibility not only to yourself, but also to your readers. You need to make sure you don’t have a security breach that could take down your blog or otherwise compromise reader information.

Here is everything you need to know about WordPress blog security:

Passwords and the Other Basics


Everything on the internet is linked. This makes the internet much more convenient to use for everyone, but it also causes some security problems. If your computer is compromised, then so is your blog. This means basic internet security is more important than ever. The best thing you can do, the framework of your WordPress security, is to review all of your basic security measures and habits.

Start with your passwords for both your WordPress account and other accounts. Are they strong? Now is the time to change them if they aren’t. You also need to make sure that you are using the best security suite that you can find, as well as make sure that the websites you visit are safe and secure. Brush up on the various threats out there, so you can know what to look for when online.

Here’s an infographic for more information about your WordPress Security:


Protecting Your Email

Your email address was used in the creation of your blog, correct? Is it also somehow related to your login information or otherwise critically linked to your WordPress account? Chances are that it is, and for that reason, you must be absolutely certain to protect it. If a hacker breaks into your email account, then they will get into all of your other accounts from there. If this happens, then the integrity of your blog will come into question.

When dealing with your email address, make sure your passwords are even stronger than the standards you use for your other online accounts. Don’t give anyone else access to your email account under any circumstances. If you think anyone else does have access, take immediate steps to cut them out so that they don’t accidentally cause a breach.

Another thing you want to consider doing for the security of your blog is to create a separate email address to use for blogging and blogging only. This way, if you accidentally slip up with your main or personal account and there is a security breach, you will have one less thing to worry about.

Plugins: Why They’re Bad for You

You need to be wary if you are considering using plugins on your website. A major problem is that a large amount of WordPress plugins and applications are traps, promising you something else before creating a large hole for hackers to get in and mess around with your site. Even if the plugins aren’t explicitly made for the purposes of hacking, many of them develop security holes that are then exploited, and word spreads quickly among cybercriminal circles about where the exploits are.

If you are going to use plugins, then make sure that you research them thoroughly first, and then research then again. If in a regular review of your website you find that a WordPress plugin is no longer helping you or staying up to date, uninstall it. You can’t afford having a plugin that isn’t keeping itself up to date. On the other hand, having a good wordpress security plugin may help your website filter potential treaths before they happen.

Public Networks and Virtual Private Networks

One of the biggest threats to your blog and to your internet security in general is the use of unprotected public networks. Whenever you use them, you are putting your data as risk because hackers on unsafe networks can use some simple tools to intercept any data that is travelling over the network.

This data could be your username and password for your blog! Sadly, the usual protective measures won’t be the least bit helpful. What you can consider instead is using a Virtual Private Network (VPN) or a high performanace wordpress hosting app, which is a service that allows your computer and/or your smartphone to connect to an offsite secure server using an encrypted connection.

This protects you in two ways. First, the fact that the VPN concelas your IP address by having the offsite server take care of your requests for you gives you a high level of privacy you normally wouldn’t have. Second, the VPN’s encrypted connection allows you to browse safely on any network without people being able to intercept your data.

There are many different VPNs out there, so it will be extremely important to read some informative reviews in order to know which VPN is best for your needs. Any VPN is better than none at all, but take the time to do your homework and browse a few of the different options available.

Who to (Not) Trust

WordPress is interesting in that more than one editor or administrator can be assigned to a blog at any one time. This is an interesting dynamic that allows a team to work together more effectively to create a great blog. It also multiplies your security risks by the number of people who have control over the blog.

Unless the person you are considering is actually a business partner or spouse, you should never under any circumstances allow anyone else to gain that level of access to your blog. They could unknowingly or unknowingly create security problems or take information, and in doing so damage your blog or its reputation. Once you give up some of your power, you can’t so easily get it back.

WordPress is a very broad and popular platform, with a lot of secret gems and secret threats. Yet as long as you stay alert about what is going on regarding your website you will do just fine. Thank you for reading, and may you never have to deal with the consequences of a cyberattack on your blog.

And finally..

Free WordPress Themes

Here’s an article, while a bit old still applies. Care should be taken when using free WordPess themes. Take a look at Free WordPress Themes, Shocking Facts You Need To Know (note: some links are depreciated, but most are still working).

About the Author: Cassie Phillips is a cybersecurity evangelist, sharing the dangers of cyberattacks and hackers with the masses and equipping them with the knowledge to form good habits and acquire the necessary security software, such as a VPN.





DiTesco is a Business and Inbound Marketing Consultant, and founder of iBlogzone.com. iBlogzone's main objective is to help startups and small business owners achieve success in their online ventures. | More About Me and my Digital Marketing Services in SP Brazil.

5 thoughts on “A Simple Guide to WordPress Security

  • Good stuff here! Of course you know I have free themes on my blogs, but I protect myself with a couple of pretty great plugins and smart things like harder passwords… that’s your best recommendation! 🙂

  • 2 of my customers website is hacked since when I started to make websites.
    The main reason of all of them is really weak password 🙂
    Please don’t create a user like that:
    Username: admin
    Password: 123456
    Thanks for the great post…

  • Pingback:

  • Hi DiTesco,

    This is a good infographic which shown the stats about WordPress hacked information, I am surprised to see in 2012 there were 170,000 websites which are hacked.

    Using free WordPress themes and plugins may share our data to the developers, thanks for sharing such a valuable information, see you soon.

  • Thanks Francisco.
    Currently I am trying to improve my SEO as well as looking for ways to make my WordPress blog secure! Nice and informative article you’ve written here… 🙂 I like your writing style man! Keep them coming!
    Greetings from India.

Comments are closed.