WordPress started in 2003 as a single bit of code created to make the process of arranging and publishing text on the web easier for everyday writing, with only a handful of users. Today, WordPress is the most widely-used, self-hosted blogging system globally, seen and used on millions of websites. It has even evolved past that into a complete content management system (CMS) as well, with thousands of plugins, widgets, and themes available for users to fully customize their website the way they want.
Unfortunately, such widespread use and accessibility of the software translates into vulnerabilities, which users need to be aware of to protect their virtual property.
HostPapa offers WordPress to all clients through Fantastico De Luxe, which can be found in the Software/Services section in each cPanel control panel of a HostPapa hosting account. It is free and can be easily installed on every domain a client hosts on their account.
Here are a few helpful tips to improve the security of your WordPress website, plus a link to the WordPress Support Forums. There, you can find more advanced security suggestions and almost any answer you’ll ever need regarding your WordPress website.
WordPress security tips
1) Make sure you are ALWAYS running the latest version of WordPress. As with any software, new versions are released to make the software more capable, compatible and, most importantly: more secure. It is very easy to stay on top of this by simply logging into your WordPress Admin control panel and looking at the bottom of the ‘Right Now’ box in the top-left of your ‘Dashboard’ section. It will have the WordPress version you are currently running listed and a button to press to download the latest version if need be.
Updates are also listed on the main page of Fantastico De Luxe. However, if you start updating WordPress from the Admin control panel, you should not use Fantastico to apply any updates. Fantastico does not keep track of any updates applied from inside WordPress and could break WordPress by applying an out-of-date update.
2) Change your passwords regularly. HostPapa strongly recommends this for any online venture their clients are involved in, specifically, the passwords for your WordPress admin control panel and your HostPapa cPanel control panel. Consult the HostPapa knowledge base article through the link below for tips on ensuring you have a strong password.
3) Back up your HostPapa account regularly! We can’t stress enough how important this is for every client to do, regardless if they are using WordPress or not.
4) Use the latest version of any WordPress themes or plugins you have installed on your website. Again for security reasons, it is always best to use the newest version of any software you use, including WordPress themes or plugins. However, it is crucial to keep in mind here that in most cases, themes and plugins are created and offered by independent web developers and not WordPress themselves. That being said, their theme or plugin may not always be fully compatible with the latest version of WordPress, so while updating the version of either makes your site more secure, the incompatibility may cause issues with your website. We still recommend always having the latest version of WordPress and conducting a little research online first to make sure your themes and/or plugins are compatible. In most cases, if the theme or plugin isn’t compatible with the latest version of WordPress, it is only a matter of time before the developer offers a new version.
Themes and plug-ins must be updated from inside the WordPress Admin control panel. If an update is available, WordPress will list it in the upper left corner in the same place as WordPress updates.
WordPress support forums
There are also more advanced preventative measures you can take to secure your WordPress website. You can learn more about these measures and how to implement them and find the answers to almost any WordPress-related question you have through the WordPress Support Forums.
If you need help with your HostPapa account, please open a support ticket from your dashboard.