{"id":2427,"date":"2020-09-11T05:03:00","date_gmt":"2020-09-11T13:03:00","guid":{"rendered":"https:\/\/www.henselhosting.com\/?p=2427"},"modified":"2021-09-30T03:12:41","modified_gmt":"2021-09-30T10:12:41","slug":"keep-your-wordpress-site-safe-in-6-steps","status":"publish","type":"post","link":"https:\/\/www.henselhosting.com\/blog\/keep-your-wordpress-site-safe-in-6-steps\/","title":{"rendered":"Keep Your WordPress Site Safe in 6 Steps"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><em>This is a short but powerful guide on how to keep your WordPress website safe, and protected against hackers and other scum.&nbsp;<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Roadmap<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 1: Make sure you have a good backup plan.<\/strong><br>Ask yourself this question.&nbsp;If your site is now suddenly deleted, can you restore a backup from 1 day back and also from 1 month back?&nbsp;If not, there is work to be done.&nbsp;You can use a plugin as a backup buddy, or one of the many other&nbsp;<a href=\"https:\/\/wordpress.org\/plugins\/search\/backups\/\">backup plugins<\/a>&nbsp;.&nbsp;It is important to remember that a backup of your site locally (on your site itself) &#8211; not a backup!<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Where: for example on your own computer, or in the cloud (think of the privacy aspect)<br><\/em><img loading=\"lazy\" decoding=\"async\" width=\"639\" height=\"97\" class=\"wp-image-2428\" style=\"width: 600px\" src=\"https:\/\/www.henselhosting.com\/wp-content\/uploads\/2019-12-02-20_45_44-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png\" alt=\"\" srcset=\"https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-20_45_44-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png 639w, https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-20_45_44-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting-300x46.png 300w\" sizes=\"auto, (max-width: 639px) 100vw, 639px\" \/><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 2: Remove all unused installations from WordPress and other applications.<\/strong><br>You may have done a test installation on a subdomain, and you no longer looked at it.&nbsp;Hackers love that and use that outdated installation to get into your real website.&nbsp;Easily remove unused subdomains via the&nbsp;<a href=\"https:\/\/www.managedomain.nl\/\">Control Panel<\/a>&nbsp;, and unused folders within your website itself via&nbsp;<a href=\"https:\/\/support.codeorange.co.th\/article\/204-set-secure-ftp-connection-ftps-ftp-ftps\">FTP<\/a>&nbsp;.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Where: Control Panel, FTP<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 3: Remove all plugins and themes that you no longer really need or that are no longer maintained<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is an essential part of keeping WordPress safe.&nbsp;Some plugins started so promising, but the creator may have stopped.&nbsp;Then it&#8217;s time to look for an alternative because plugins that are no longer being updated are vulnerable to leaks.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">How do you see if plugins are no longer maintained?&nbsp;For example by surfing to https:\/\/plugins.wordpress.org and looking at the plugin page there:<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.henselhosting.nl\/wp-content\/uploads\/Screen-Shot-2017-05-11-at-10.59.42-AM.png\" alt=\"\" class=\"wp-image-7082\" width=\"583\" height=\"46\"\/><figcaption> <em>Wp-admin panel, Plugins, Appearance-&gt;Themes<\/em> <\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><img loading=\"lazy\" decoding=\"async\" width=\"639\" height=\"74\" class=\"wp-image-2429\" style=\"width: 600px\" src=\"https:\/\/www.henselhosting.com\/wp-content\/uploads\/2019-12-02-20_49_31-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png\" alt=\"\" srcset=\"https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-20_49_31-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png 639w, https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-20_49_31-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting-300x35.png 300w\" sizes=\"auto, (max-width: 639px) 100vw, 639px\" \/><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 4: Check all users<\/strong><br>Does the SEO expert who optimized your site 2 years ago really need access?&nbsp;Remove all accounts, especially accounts with administrator rights from your WordPress website.&nbsp;Are there any users you don&#8217;t know at all with weird e-mail addresses?&nbsp;Then check carefully whether something has gone wrong on your website.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Where: Wp-admin panel, under Users-&gt; All Users<\/em><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 5: Update everything!<\/strong><br>And that means;&nbsp;WordPress itself, plugins, themes, and all other software that you use on your site.&nbsp;Pay particular attention to plugins that are included with your theme for free, or &#8220;custom made&#8221; themes that are no longer maintained.&nbsp;In the WordPress wp-admin \/ panel you go to Dashboard-&gt; Updates to see what can be directly updated.&nbsp;But beware, sometimes you have to update paid themes in a different way, for example by manually re-downloading them or by going to the theme&#8217;s settings.&nbsp;Check the FAQ of the template maker or contact them if you don&#8217;t know how.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Waar: Wp-admin panel, under Dashboard-&gt;Updates, Plugins, Appearance-&gt;Themes, Theme Settings<\/em><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"637\" height=\"92\" src=\"https:\/\/www.henselhosting.com\/wp-content\/uploads\/2019-12-02-21_00_47-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png\" alt=\"\" class=\"wp-image-2430\" srcset=\"https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-21_00_47-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting.png 637w, https:\/\/www.henselhosting.com\/blog\/wp-content\/uploads\/2019-12-02-21_00_47-Keeping-your-WordPress-site-safe-in-6-steps-Hensel-Hosting-300x43.png 300w\" sizes=\"auto, (max-width: 637px) 100vw, 637px\" \/><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Step 6: Install a security plugin<\/strong><br>If you have followed all the steps above, your site should in principle already be 99% secure.&nbsp;But it doesn&#8217;t hurt to keep an eye on your website, and plugins such as&nbsp;<a href=\"https:\/\/wordpress.org\/plugins\/search\/wordfence\/\">WordFence<\/a>&nbsp;help with that.&nbsp;Make sure you&nbsp;<a href=\"https:\/\/support.codeorange.co.th\/article\/214-wordfence-installation-wordfence\">go through the options<\/a>&nbsp;just as&nbsp;well, so that you do not constantly receive unnecessary e-mails (which you will automatically ignore).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>Where: Wp-admin panel, under Plugins<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">No more worrying about?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Our WordPress Update Service is a service where we keep your WordPress site, plugins and theme safe and up-to-date.&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.henselhosting.nl\/webhosting\/extra-diensten#wordpressupdates\" target=\"_blank\">Also your website carefree online<\/a>?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a short but powerful guide on how to keep your WordPress website safe, and protected against hackers and other scum.&nbsp; Roadmap Step 1: Make sure you have a good backup plan.Ask yourself this question.&nbsp;If your site is now suddenly deleted, can you restore a backup from 1 day back and also from 1&hellip; <a class=\"more-link\" href=\"https:\/\/www.henselhosting.com\/blog\/keep-your-wordpress-site-safe-in-6-steps\/\">Continue reading <span class=\"screen-reader-text\">Keep Your WordPress Site Safe in 6 Steps<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":3572,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-2427","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","entry"],"_links":{"self":[{"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/posts\/2427","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/comments?post=2427"}],"version-history":[{"count":10,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/posts\/2427\/revisions"}],"predecessor-version":[{"id":3574,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/posts\/2427\/revisions\/3574"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/media\/3572"}],"wp:attachment":[{"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/media?parent=2427"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/categories?post=2427"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.henselhosting.com\/blog\/wp-json\/wp\/v2\/tags?post=2427"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}