Have you heard horror stories of websites being hacked and shut down?
It’s no joke and this is a real threat.
This quiz will wake you up to this reality and teach you exactly how to prepare so your site is safe from hacker attacks.
(Scroll down to see how we can make these updates for you!)
Go down this list of 12 questions and answer YES or NO.
- Password: Are you changing your wp-admin password regularly?
- Suggestion: Once per month
- Password: Are you changing your FTP website hosting password regularly?
- Suggestion: Once per month
- Password: Are you choosing difficult passwords with uppercase, lowercase, numbers, and symbols?
- Suggestion: I know you want something easy you can remember, but I’m sure you want that less than a hacker destroying all of your hard work. You can still make difficult passwords easier to remember such as your initials + birth month and date + street you live on + name of website the password is being created for
- Users: Are you removing open user accounts that are inactive?
- Suggestion: Only keep user accounts open that are being used by your guest authors, team etc. If a team member leaves, immediately remove their account.
- Users: Do your team members have their own login information, separate from yours?
- Ideally, team members would have a separate login than yours. You can create your own admin account, and establish team accounts inside WordPress admin > Users.
- Users: Do you have 2 or less admin accounts open?
- Ideally, your lead web programmer should have their own admin account since they make higher level programming changes. Virtual assistants only need an “editor” user account since they are just adding content for you. (read more about WordPress user roles)
- Upgrades: Are you regularly making upgrades to your themes, WordPress software and plugins?
- As soon as you see upgrades available, ask your lead web programmer to assist you in making a backup of your website and making those upgrades. Ask them for a monthly maintenance review package so you don’t fall behind on upgrades again.
- Plugins: Are you limiting the number of plugins you use to only what you really need?
- Don’t start adding a bunch of plugins because they look or sound cool. This is a trap. Plugins are usually the way a hacker comes in to shut down your site. Keep to fewer than 15-20 plugins active on your website to have faster website load times and to reduce your risk of a hacker attack.
- Plugins: Are you researching plugins before you install them to make sure they are highly reviewed and that the programming is current and approved with the most recent version of WordPress?
- Not all plugins are updated to stay current with the latest versions of WordPress. If you want to add a plugin, Google it and find the WordPress plugin directory listing for that plugin (like this one for All In One SEO Pack). Then on the right side you’ll see the reviews and compatibility information listed.
- Login: Have you added any kind of login lockdown security to limit the number of login attempts someone can make before they are locked out from continuing to try?
- Some “WordPress hosting companies” (like my favorite, WP Engine) will automatically include this as part of their service in hosting your WordPress website. For cheaper, bigger companies (like Bluehost, GoDaddy, 1-1, HostGator etc) they really don’t offer much protection. Look into the WordPress Login Lockdown plugin or similar to protect yourself from brute force attacks.
- Hosting: Does your website host include features and services to protect your security?
- As mentioned in the previous question, WP Engine in my opinion is the best WordPress website hosting company. Why? If your website gets hacked, they fix it for FREE! I don’t know of ANYone doing this (and I’ve heard of people spending thousands of dollars getting their site back after a hack attack). They back up your website daily (other companies charge an add-on fee for this – yuk). Learn more about their security measures here (support > security).
- Team: Is your team made up of true WordPress experts?
- In an effort to save money, entrepreneurs will find the cheapest programmer they can find. BAD idea! Your website is like your house for the online world. You wouldn’t leave your house unlocked, doors and windows always open would you? That’s what happens when you hire a cheap programmer who says they’re an expert, but they’re not. Do your due diligence and find a trusted company that has a huge portfolio of WordPress websites completed, lots of rave reviews, and has a team of experts on board, ready to help. When you do that, you can largely trust that the team is fully up to date on all the super techy extra ways to protect WordPress like securing your htaccess file, database, and adjusting the php code in your core files. (Read: Quality, Reliable WordPress Website Design & Development Services)
If you answered NO to 2-3 questions then your website is largely secure! But do take action on the questions you answered no to and then you’ll be in a really great position for continued long-term success with your website.
If you answered NO to 4-6 questions then you’ll want to get in touch with your programmer (or hire our team!) and make it a priority to put these fixes into motion this week.
If you answered NO to more than 7 questions you are in danger because your website is exposed and you’re practically waving a flag hoping that hackers find you and shut you down. And that’s exactly what they’ll do in time.
Don’t wait to get these changes implemented. Your online business and income depends on it!