After you installed your new WordPress website you need to make sure you keep it up-to-date and optimized. An up-to-date WordPress website is better protected against hacking attempts and runs better with fewer errors.
Optimizing your WordPress website goes beyond keeping it up-to-date with the most recent version of the core files and plugins. You need to optimize your database as well and make sure your site loads fast.
Keeping WordPress Up to Date
– updates for core files: WordPress will inform you if there is a new version update once you log in to your dashboard. This can be an upgrade or, very important, a security update. Note: some minor security upgrades are now installed automatically.
– updates for plugins: WordPress plugin updates can add new functionality or bug fixes and sometimes also have security updates.
– update themes: WordPress theme update is mostly focused on new layout options, getting responsive or extra layout functionality. Sometimes bug fixes and security patching.
– remove no longer used plugins and themes: Don't leave possible security problems and clean up all plugins and themes you tried once and decided not to use any longer. WordPress will check these plugins and themes as well so save yourself some time and clean up!
Keeping WordPress Secure
Keeping your WordPress site up-to-date is the first step.
Next step is to use a plugin that will shield your site from people who want to hack your site or fill it with spam comments.
One of the fastest ways to block those people is with the Shield security plugin.
Shield has an easy to use Dashboard that will show you which option you have configured for use.
Just follow the icons in Orange once you have installed and activated the plugin.
One of the most important options if the Firewall. The firewall will block a lot of hacking attempts.
In the configuration, I have the Firewall Blocking options all set to active except for the last two.
And to be able to work in your Dashboard without any problems, you should use these options in the Whitelist part.
The rest of the options in Shield are pretty easy to configure, so go ahead and run through them.
Have a special look at the Login protection where you can easily rename your login option to redirect wp-login.php! This one is a no-brainer as Shield makes it very easy without you needing to create special rules in your .htaccess file.
There are so many other nice options in this plugin that I will create a separate post for it to go through the complete plugin settings. But for now, make sure you block out the basics and see what other options you might want to use.