Windows is the most targetted operating system for computers, iOS the most targetted mobile operating system. Guess what could be the most targetted CMS? WordPress, obviously, is also a victim of its own success, with plenty of scripts designed to target specific flaws in the tool.
The most common cause for WordPress websites getting hacked comes from missed updates. It’s true that keeping your plugin up-to-date can be a bit tedious as there are lot of updates of core, plugins, and themes. However, it’s a must-do.
Many of the updates are security-related and serve the single purpose of fixing security issues. These security issues are known by hackers, so they will use automated software to find vulnerable websites. On the long term, not updating your website regularly will make you a target, keep that in mind.
To facilitate your work on this, you can use the auto-update feature. In most cases, it’s the best solution. If you have a more complicated website with custom features and you fear that it may break with updates, you can install a plugin that will notify you of every update by email.
Backups are extremely important for WordPress. No security will be 100% efficient if someone with skills decides to target your website. If your website is compromised, you should now lose data and to simply recover a backup instead of just crying about the loss.
Just like you should for your own computer backups, you should not underestimate the risks. What we suggest at WP Expert is to have a “double backup”. First, use a WordPress plugin for backups that allows you to send your backups elsewhere than on the server. For example, Updraft Plus can do this, but VaultPress or other plugins will also do the job. On top of that, use a web hosting that provides backups as a core feature. This way, in case one of the backups didn’t function, you ucan rely on the other one.
As you figured out if you read the introduction of this article, security is key when it comes to maintaining your WordPress website. Apart from regularly updating your WordPress website, which deserved its own bullet point, you should also at least install a security plugin.
Such a plugin fills several roles: firewall, file modification attempts, site scans, and login security, among other things. At WP Expert, we are big fans of WordFence, which is one of the most popular security plugins there is. However, there are plenty of high-quality security plugins for WordPress out there.
This is often overlooked, but it will bring a small extra layer of security to your website. If you aren’t using a theme or plugin, it has no business staying on your server as it could be another entry point to hack you. On top of that, removing unused themes and plugins helps with performance by suppressing a small layer of complexity.
In most cases, downtimes will be because of a problem with your hosting, so there is not much you can do about it apart from notifying your host. However, it happens that a website down is due to an issue with it. In that case, acting quickly is important. If you leave your site not functional for more that 24 hours, you can lose some Google rankings or get some backlinks suppressed. Obviously, if your business depends on your website, nothing will work.
To be alerted anytime your website goes down, there are several website monitoring tools. At WP Expert, we often use Uptime Robot to stay on track.
Although spam will normally not break your website, it’s a good habit to manage it. First, comment spam should be checked if you are using comments on your website. If you have some forms on your website, you should use a captcha or other measures to prevent spam from going through.
Broken links are hard to monitor, especially if you have a large website with a lot of content. However, broken links are a bad signal for both your readers and Google. Keeping your links updated will help your SEO and keep your website more interesting.
If you own a large website, there are tools that will help you find all the broken links. The Broken Links Checker plugin is very efficient. However, it can be resource intensive, so be careful. There is also the Google Search Console that can help you find broken links.
Forms are a great tool to get feedback or to be contacted from your website, it allows you to guide your users on the information they should send. However, a broken form is not only useless, but it also projects a bad impression on your users. For that reasons, you should regularly check if your forms are still functioning how they are supposed to.
Another important task that shouldn’t be overlooked is the update of the site information. Obviously, pricing and services should be up-to-date, but you also shouldn’t forget to update office adresses, phone numbers, email addresses, or team members. Failing to do so could create some issues, such as clients showing up at the wrong addresses.
Another thing to look for in a web host is good tools for activity monitoring. Even better, monitoring tools with an alert system. Such a tool can help you identify problems with your site. For example, it can show you if your website is getting too slow, if you are under attack, or if your pages are using too many resources.
Owning a WordPress website comes with a few obligations, you should be aware of it. If you want to manage your website yourself, you can do it by following the steps mentioned in this article. Otherwise, you can get in touch with us and we would be happy to work with you on this.