When it comes to WordPress security, themes and plugins play an important role. If you forget to update them, then you’ll have outdated code sitting on your server. Hackers spend their time looking for websites with vulnerabilities like old coding. Once they find a website that’s not current, all it takes is a little bit of time for this weakness to be exploited.
You don’t have to be a victim to the next hacker that eyes your site. Taking a few simple security cautions like the ones listed below can keep your site safe:
Updating Your Plugins & Themes
Start by keeping your plugins and themes updated. If you’ve downloaded your plugins through the WordPress directory, then login to your site and click on the plugins menu on the left side of your dashboard.
Once you’ve done that, select all of your plugins and click on the ‘Bulk Actions’ dropdown menu. Click ‘Update’ then the ‘Apply’ button. If everything is up to date then nothing will happen. But if your plugins are in need of updates, WordPress will start downloading them.
Next, click the ‘Appearance’ link on the left side of your dashboard. This will show you all of the themes you have installed. If you notice any themes with an update banner, then click on them so WordPress can download the latest version of your theme.
Cleaning Out Themes & Plugins
After you’ve finished updating your themes, look through them. Are there any themes you’re no longer using that can be deleted? If you find an old theme you heavily customized, you can download a copy of it through your web host’s cPanel or through an FTP program like Filezilla.
Now that you’ve removed unnecessary themes, it’s time to tackle your plugins. If there are plugins you’ve deactivated and haven’t used in 6 months, delete them from your site.
You should also check if you have two or more plugins doing the same job. For example, WordFence protects against brute force hacks. But if you’ve also installed Brute Force Login Protection then you have two plugins serving the same function. You should pick one of these plugins to keep and one to delete.
Following up with Security
Once you’ve updated your plugins and themes, follow WordPress blogs that cover security so you’re always knowledgeable about the latest threats. Start by following the official WordPress blog so you’ll know when new bug fixes are released.
The WordFence Blog is filled with helpful information on how to protect your site. They regularly share which themes and plugins contain vulnerabilities. The Sucuri Blog also offers security tips for all websites and has a special WordPress security category.
Themes and plugins have a lot to offer WordPress users. You can change the look and feel of your website and add special functions with the click of a few buttons. But that doesn’t mean that these tools are always safe. It’s important you do your own research before you download and install anything on your website.
Learn how to keep your website safe when you download your free checklists.
Just enter your name & email!