Lesson 34Keeping Your Site Secure
Every piece of software on the Internet is threatened by hackers. Because of its tremendous popularity, WordPress is a regular target. The good news is that protecting yourself is not nearly as daunting as it might seem.
Two of the most important elements of WordPress security have previously been covered: staying up to date with all aspects of your site's software, and having a backup if something happens.
This lesson shows you six additional steps you can take to increase the security of your WordPress installation. Although these are not exhaustive, if you do all or most of these steps, you're much better off (sadly) than a great many users. Some other issues you need to be aware of in the constant effort to ward off hackers are also covered.
Six Steps to Greater WordPress Security
None of the following steps are difficult to do; the hard part is remembering to do them or getting in the habit of doing them.
Strong Passwords
Every security expert will tell you that weak passwords are the leading cause of software breaches. As you saw when first setting up WordPress, you need to pay attention to the password strength indicator and use only passwords that trigger a reading of Strong.
Following are the six criteria for a strong password:
- At least eight characters in length
- Some lowercase letters
- Some uppercase letters
- Some numbers
- Some characters such as #&!
- No actual words
And just so it's driven home visually, following are some examples: ...
Get WordPress 24-Hour Trainer, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
