Whether it has been set up for business or personal purposes, maintaining a secure WordPress website is important. There are a number of steps you can take to assist with this.
Firstly, for anything that needs a password, make sure your choice is unique, difficult and strong. 1Password can create these sorts of passwords for you, remember them and restore them, all directly in your web browser. In other words, it will log you in to WordPress sites automatically. KeePass is a free open source password manager, which helps you to manage your passwords in a secure way.
Using these tools that create and store passwords, you are able to have different and hard to guess passwords for each website without having to remember them all.
Added security is gained if you change your passwords regularly, say every month.
All software must be kept up to date. This includes current versions of WordPress, themes, plugins as well as any other software on the server. Update all software on all your websites on your web hosting account. Most of the WordPress sites that are hacked have software that is out of date.
Also, make sure that you remove all unused themes and plugins. They are vulnerable to hackers wanting to attack your website, even if they are not activated.
If you are not sure how to or do not want to either update your software or remove themes and plugins, contact your original developer company. They can assist with a maintenance plan that updates at regular intervals from monthly to daily. This will depend on your website’s needs and the arrangement you have with the company.
Always back up your data so that if the worse happens and your website is hacked, you have something to work with when getting your site up again.
McKinney Brown has more to say about keeping your WordPress website secure.