Around 26% of the world’s websites (and over 90% of our web hosting clients’ websites) are powered by WordPress. Powerful, flexible, simple to use and “free”; the popularity of WordPress should hardly come as a surprise.
However, its high profile means sites powered by WordPress are regular targets for hackers and other security threats. This is why, for best WordPress security, we recommend sites are regularly backed up and WordPress security updates and Plugin versions are updated, whenever new versions become available. WordPress sites that are not regularly maintained remain at greater risk of being hacked and losing valuable data.
WordPress Announce SSL Certification Will Become a Requirement
Late in 2016, WordPress announced that in order to increase security, WordPress sites would soon be required to have an SSL security certificate installed as standard. Those sites that do not have a valid certificate, will find that some key features no longer work correctly. (They will of course, also remain at risk of security breach).
WordPress have not yet stipulated a deadline for sites to implement security certificates. However, they will soon only recommend hosting partners that offer security certificates as standard.
What Are SSL Security Certificates?
A certificate acts like a digital “passport” which confirms a website’s entity and credentials. When confidential information is exchanged across the web, these credentials are used to establish a secure connection between the sender and the recipient
Once a secure connection is established, encrypted data can be safely exchanged between the two parties
Sites with a security certificate installed can be identified by the HTTPS: at the beginning of their URL. Browsers also often display a green padlock symbol, to confirm a site is secure
“Insecure” sites appear without the padlock or the “S”, as HTTP:
Security certificates need to be renewed regularly, much like domain name registrations
SSL Certificated Websites Favoured in Google Search Results
SSL certification also forms part of an effective SEO (Search Engine Optimisation) strategy. Google have considered the installation of security certificates as best practice Since 2014 and weighted secure sites more favourably when assessing a site’s relevance in search results.
Simple Things You Can You Do to Improve Your WordPress Security
- Add an SSL Security Certificate to Your Site
- Ensure Your Website Is Backed Up Regularly
- Ensure Your WordPress Security Updates & Plugin Versions are Regularly Updated
- Change the Standard Login Screen URL to Make It Harder to Find (either ask your developer to do this or use a plugin like WPS Hide Login)
- Assign Unique Logins and Passwords to Each Admin and FTP User and Remove Access to Expired Accounts As Soon As Possible
- Move Your Site to a Web Hosting Company Specialising in WordPress Hosting (they are better equipped and best-informed to stay ahead of threats)
- Look for WordPress Hosting Which Comes With Constant Malware Monitoring (or use a plugin like Malware Monitoring Anti-Malware Security and Brute-Force Firewall)
ing.‘s Dedicated WordPress Hosting.
We offer a range of dedicated WordPress hosting options, fully optimised to ensure your WordPress website remains as secure as possible at all times.
- Free Migration to our Hosting
- Free SSL Certificates or Transfer of Existing Certificates
- Constant Malware Monitoring & Protection
- Hosting on Mirrored Solid State Drives for Speedy Server Response and Recovery
- Servers Specifically Optimised to Deliver WordPress Websites (Helps Improve Server Response Times)
- Secure Account Management (We can add and remove user permissions at your request)
- Server-based Caching (No Need for Caching Plugins)
- Supported by WordPress Experts
- 9-5 Telephone Support
- Out of Hours Telephone Support
- 24/7 Emergency Email Support
We can also;
- Regularly Test and Manage Your WordPress Version and Plugin Updates
- Identify and Resolve Any Issues That Updates May Cause
- Back Up Your Site Daily
- Keep Copies of Backups for 30 Days
Call us on 01736 322321 for free, no-obligation advice on your WordPress website’s security or if your site has been hacked and you don’t know what to do.
Even though we believe that our dedicated WordPress hosting is the best available anywhere, we’ll do our best to give you non-biased advice based on your needs and budget.