WordPress Tips, Guides & Tutorials

10 Advanced Security tips for WordPress

WordPress is a commonly used CMS for building websites and blogs online. It’s a secure platform and offers plenty of themes free & premium to build your website or blog easily. You should never have to worry about security as long as your WordPress installation, plugins and themes are always up to date and you are using a strong password.

WordPress is so popular, it’s a regular target for brute force & spam bot attacks and other security vulnerabilities. Insecure WordPress installations are commonly used to launch DDoS attacks on other sites or send large amounts of spam email causing IP blacklisting issues etc. These attacks are automated and target installations that are using default usernames, weak passwords or outdated plugins/themes and wordpress installations with security vulnerabilities .

Most website owners are unaware their website or blog has been compromised until it’s too late and they start losing site traffic, their site gets blacklisted in Google and their search engine rankings start dropping.

Implementing these simple 10 advanced security measures will secure your WordPress blog or website and prevent hacking attempts.

1. Make a new user account

First create a new user account different from the default ‘admin’ account, then delete the default ‘admin’ account. This is commonly targeted by bots and attackers to gain access to your WordPress installation. Don’t use common usernames such as ‘admin’ when creating the new user. You can easily setup a new account by navigating to “Users” and then “Add new” from your WordPress dashboard menu.

2. Always use secure & strong passwords

Never use easy to guess passwords or simple passwords such as your name, date of birth etc. They might be easy to remember but they are also easy for hackers to crack. Always choose a strong and secure password with eight or more characters, numbers, special characters, uppercase and lowercase letters. You can use an online password generator such as Norton’s Identify Safe password generator.

3. Change your author nick name

Don’t use the author name as your username, this will be displayed on every blog post. Change your WordPress account’s author name to something other than your username from your WordPress dashboard menu under “Users” and then “Your profile” by editing the ‘Nickname’ field. After you have selected a new nickname, select your new nickname under “Display name publicly as”.

4. Install a security plugin

There are several widely popular WordPress security plugins that can protect your WordPress blog or website by scanning for malicious code and blocking hacking attempts. The two most popular plugins which are regularly updated & maintained are WordFence security & iThemes security. Both of these plugins do plenty of things to increase the security of your WordPress site such as Brute force protection, strong password requirements, security & malware scans and blocking of bad bot traffic. You can also enable two-step authentication using Google with these plugins.

5. Block all IP addresses except your own from logging into wp-admin

Another great way to increase security for your Blog is by only allowing wp-admin access from your whitelisted IP addresses. You can do this by adding the following code inside the .htaccess file under your wp-admin directory through cPanel file manager or FTP.

order deny,allow
deny from all
# whitelist home IP address
allow from 22.33.44.55
# whitelist work IP address
allow from 22.33.44.55
# whitelist holiday IP address
allow from 22.33.44.55

Add this code onto your .htaccess file and make sure to replace ‘22.33.44.55’ with your own IP addresses (search “what is my IP” in google to determine your IP address). You can add more IP’s to the .htaccess file if your IP changes quite often or if you move around a lot. This is not suitable if you have a dynamic IP which is constantly changing or if you travel a lot and use the internet from different locations. Anytime someone tries to access the wp-admin directory from a non-whitelisted IP, they will be presented with a Forbidden page. If you do this make sure to update the whitelisted IP each time your IP changes before accessing your wp-admin dashboard.

6. Change the URLs for WordPress dashboard areas including login, admin

Using the iThemes security plugin mentioned above, you can also change the URLs for your wordpress dashboard areas including wp-login and wp-admin. This means if an attack bot stumbles upon your website and attempts to login to your wp dashboard, they will not be able to access your login page.

7. Don’t allow guest user registrations

If your WordPress blog or website is not membership based, there is no reason to allow visitors to register a guest account on your site. To disable guest registrations, navigate to “Settings” and uncheck the “Anyone can register” option.

8. Disable ‘pingback’ option in WordPress

WordPress websites or blogs which have the pingback option enabled are commonly targeted for DDoS attacks. This option is enabled by default in WordPress so you must disable it manually by navigating to “Settings” then “Discussion” and in “Default Article settings” uncheck “Allow link notifications from other blogs (pingbacks and trackbacks)”.

9. Monitor your Google Webmaster Tools

Google Webmaster Tools is a valuable asset when it comes to monitoring your website security. The “Security Issues” section of your Webmaster tools account notifies you if Google detects malware or any other security vulnerabilities with your site. Keeping an eye on your Google webmaster tools prevents your site from blacklisting issues and your search engine rankings from plummeting.

10. Regularly update your WordPress, plugins and themes.

Always keep your WordPress installation, themes and plugins up to date with the latest version. The #1 cause for compromised WordPress websites is outdated core install, plugin or theme with a security vulnerability which was not patched with an update. The reasons developers update their software code for plugins, themes and wordpress core files is when security vulnerabilities are discovered through Security audits or other means. WordPress has made it incredibly easy and simple to update your installation, plugins & themes with a single click from your WP dashboard. When a new update is available, you will see a notification in your WordPress dashboard as “WordPress X is available! Please update now”. There should be no excuses or reasons for you to not update your WordPress installation, you can also enable Automatic background updates .

If you are not upgrading your WordPress installation because one of your plugins might break because it’s not compatible with the latest release of WordPress, please switch to an alternative plugin which is actively being developed and updated with support through the developers.

We do not recommend installing plugins or themes from unknown sources or 3rd parties other than the official WordPress plugins directory and official websites for premium wordpress themes. Always check recent reviews of any plugin or theme you are installing, also make sure it has recent updates, is actively developed and has a high number of downloads.

BONUS TIP!! Backups, backups and BACKUPS!

Downloading regular backups of your content and database is very important! Any upgrade, security vulnerability or hacking attempt on your WordPress website could possibly lead to unforeseen circumstances. Although our shared & reseller hosting servers are regularly backed up, you are ultimately responsible for maintaining your own regular backups as well.

Each WordPress website consists of two parts

1. Database, this is where all your settings, pages, posts and comments are stored.
2. Files, this is where all your media, attachments, themes and plugins are stored.

We always recommend downloading a full backup of the entire account from cPanel which includes your database and files. In case of a catastrophic event, we can restore your entire backup to revert your website to the way it was.

You can also install a backup plugin on WordPress to create automated backups of your files & databases and email them to you or upload them to a 3rd party service such as Dropbox or Amazon S3 . There are plenty of choices when it comes to Backup plugins, two popular plugins are BackWPup and Dropbox backup & restore. Activate these plugins to create automated scheduled weekly backups of your installation and either upload to your backup storage or emailed to your address.

Implementing these simple security steps will make your WordPress blog or website much safer and secure from hackers.

Five common beginner WordPress mistakes

WordPress is a great platform for building your first website. However since the platform has relatively low barriers for entry for beginners, a lot of folks make these common mistakes. Let’s see what they are and how you can avoid them to prevent frustration from the early stages of your online career!

These are the six most common WordPress mistakes you should avoid for a beautiful functional website.

1. Do not choose a poorly coded or outdated theme

When you start looking for the perfect theme for your website, you will come across thousands of themes to choose from. Which theme is the right one for your website?

Sometimes you may stumble upon a beautiful theme developed by an unknown developer with little to no reviews. We do not recommend using this theme, if you would rather use a free theme choose from the WordPress approved theme developer list.

The best course of action is to use a premium theme! Although they will cost you upfront, you will receive dedicated support & updates in case anything goes wrong.

2. Use strong and Secure login information

During WordPress installation you will be asked for a username & password. To prevent hackers from easily gaining access to your website, you MUST choose a strong & secure password and username. Simple passwords such as your pets name or date of birth are not secure.

We recommend using a password generator to create a very strong password with combination of characters, symbols, and uppercase and lowercase letters.

3. Don’t forget the basic page elements

When building your website, it’s easy to neglect common website features such as an about or contact us page. With these pages your visitors will be able to learn about what you do and how to get in touch with you.

4. Update your permalinks

The default link structure for WordPress sites is usually something like http://www.yourdomain.com/?p=99 – give your website a memorable appearance by using Permalinks to make your posts appear as http://www.yourdomain.com/first-post

Log into your WP dashboard and browse to Settings > permalinks. From there you can change your permalink settings, for most websites the fifth option “Post name” will be sufficient, make sure to save changes.

5. Search Engine Optimization plugin

You have a beautiful website, now you need traffic! Getting search engine traffic is crucial for your online business. If your WordPress content & pages are not optimized, you could miss out on potential traffic. Luckily there are plenty of plugins that make search engine optimization simple. Just install a highly recommended plugin such as Yoast SEO and follow their documentation to set it up.

WordPress makes it easy and simple to build beautiful websites. Always remember to keep your WordPress core, themes & plugins up to date at all times.

How to properly SEO your WordPress site

SEO has evolved quite a bit from the olden times when you could keyword stuff your content / title and rank for any desired keyword. That combined with the fact that the market was no where near as saturated as it is today, people were able to rank and rake in quite a bit of profit from their internet marketing (SEO) projects. Since the latest Google updates however, no one is certain what factors actually contribute to website rankings as there are far too many anomalies in ranking data for many profitable keywords.

Most people believe that it is easier to manage on-page SEO factors with a HTML website than WordPress — this is a misconception as it is just as easy (if not easier) to automatically SEO your entire WordPress installation with the use of a few innovative and easy to use plugins. Since WordPress is very user friendly, it is a very popular CMS amongst novice and professional bloggers — in fact, WordPress powers approximately 50% of websites on the web.

If you’re a blogger or taking part in any form of internet marketing, chances are you’ve heard of or even personally used WordPress to build websites. I’ve personally used WordPress to build all of my blogs and set them all up in the same manner SEO wise — not one has ever failed me. The reason people believe that WordPress is not sufficient for SEO purposes is because some individuals are still in the mindset of ancient SEO. Nowadays, search engine optimization has evolved drastically and having keywords in your content (or following a specific set of “rules”) will not ensure high rankings; in reality, over optimization actually incurs penalties from Google and other search engines.

In my blogging career, I have built several websites with WordPress and set all of them up in the exact same manner SEO wise — it has never failed. The trick here is to cater your content / titles to people rather than search engines; this is what marketing is all about, but we’ll get more into that topic in a later post. Now, without getting too far off topic (I can ramble on at times), let’s get down to business.

Before you install any plugins or themes, the first change you want to make is to your native permalink structure. WordPress uses an extremely ugly default permalink structure which is not only not good for SEO but also doesn’t appear too attractive to your visitors.

Set your permalink structure to either custom: %category%/%postname% or keep it set to the “Post Name” setting — either is perfectly fine.

Tags vs. Categories

WordPress offers users two ways to organize their posts — through tags or categories. It is recommended that you use either one or the other for your website. If your categories are descriptive, there is no need for tags (and vice versa). Since tag clouds are now depreciated for SEO, my personal recommendation is to just use categories and not put too much focus on adding post tags as they are not essential nor important.

The only time I use tags is when the category keyword is not enough to describe the post (usually when the post has several sub-topics).

WordPress SEO Themes

Most WordPress themes now a days are designed with on-page SEO in mind, including the basic themes that come native with WordPress. When choosing a theme for your website, there a few things you need to look out for:

Is the theme attractive and suited to your website’s niche? (this is not for SEO necessarily but important nonetheless)
Is the post title in H1 tags? Is the website title in H1 tags (on home page)

People go into far too much detail in an attempt to SEO their WP theme when in reality, all you need to make sure is that the post title is wrapped in H1 tags. Since the post title describes what your article will be about and in most cases contains the keyword you are trying to target, the H1 tag helps ensure the search engines know what your post / article is about.

Again, as I’ve mentioned before, do not write your title with search engines in mind but rather your audience — you want to make the title attractive yet descriptive with the keywords you are trying to target. As an example, let’s take this post into account; the article is trying to target the keywords “WordPress SEO” but as you can see, the title doesn’t necessarily focus on that keyword. “SEO” and “WordPress” are mentioned separately and the use of the word “properly” intriguse users to click through to read the article. Old minded SEO’s may argue that the title needs to contain “WordPress SEO” in that exact order to achieve desired results — but a simple search on Google will reveal that is not the case.

When trying to find a theme for your website, don’t worry too much about the SEO aspect of it. Instead, as stated above, focus on finding a theme that will attract viewers and prosper conversions (which is the ultimate goal).

WordPress SEO Plugins

There are plenty of free and premium SEO plugins available on the market for WordPress — but there is one that stands out above the rest (and it’s free). The WordPress SEO by Yoast plugin is the best (in my opinion) and I’m sure many other users will agree.

The plugin is quite self-explanatory with an extremely detailed guide to help users properly SEO their WordPress sites. The plugin can be easily setup with the detailed explanations available under each individual setting — but I will still go over some of the more important settings that need to be configured.

The main settings allow you to set the titles for each individual post type as well as the homepage. Go to Help tab to view available variables. Make sure setting in picture to left is set (click to enlarge).

Adding OpenGraph meta data to your site will ensure that socially sharing your website pulls the right content. Make sure to set your homepage logo as well as a default image in case there is none for your post(s). Set your site’s Twitter username (optional).

The sitemap helps Google easily see the structure of your website (for better rankings according to them). Make sure to create an XML sitemap and submit it to your Google Webmaster Tools account.

Use the settings outlined in the picture. The first option will merely strip the word “category” from your category archives. The second checked option will make sure all the link juice flows to your posts instead of attachment URL’s.

Breadcrumbs are not a necessity but make it easier for your visitors to understand the structure of your website (and easily navigate back and forth between internal pages). If your theme does not come with breadcrumbs, you can enable them here and embed them manually into your theme files.

Once you’ve setup the WordPress SEO plugin by Yoast, you’re ready to move onto configuring the other plugins to make your website completely search engine optimized. Fortunately, the next few plugins won’t require much configuration — they just need to be installed and activated.

Broken Link Checker

Broken link checker will scan all the links on your website and alert you via email (as well as on the main dashboard) if any broken links are found. You can then easily go to the post / page where the link is located and either replace it or remove it.

Related Posts

The reason I did not link this is because there are quite a few related posts plugin to choose from. Personally, I prefer the Efficient Related Posts plugin as it is lightweight and easy to configure, but you can pick whichever one you would like (just make sure it doesn’t slow down your website). Showing related posts will not only foster further visitor interaction but it will also create internal links that will pass link juice to other relevant content on your website.

WP Super Cache

WP Super Cache will store static content in cache so that it can load faster for your site visitors. This will drastically improve load time and help improve your rankings as Google has clearly stated that page speed is a factor in search engine rankings. You can always check your page speed here: https://developers.google.com/speed/pagespeed/.

WP No External Links

This plugin is optional but still helpful. When you write a post and link out to another website, you are passing link juice to that URL. This plugin will let you mark external URL’s as internal URL’s or automatically add a rel="nofollow tag to your outgoing links. Personally, I prefer the second option as masking your external links can hurt your rankings.

Besides the plugins stated above, the only other plugin you should consider installing is the Google Analytics for WordPress plugin to help track your website with Analytics. Tracking is extremely important to understand how to optimize your traffic for higher conversion rates (but more on that later).

Before I close, here are just a few more WordPress SEO tips:

Use the WordPress SEO by Yoast plugin to write individual meta titles and descriptions for each of your posts (the description should summarize the post)
Write engaging content aimed at users and not search engines. This will nurture natural link building to your website
Set a featured image for each of your posts. This image will be the one used every time your article or post is shared socially
Organize your website structure properly. Group posts into appropriate categories so visitors have an easy time navigating your site.

That’s about it guys and gals, I hope you found this post helpful! Look forward to more SEO and marketing related posts in the near future.

Comments, questions or suggestions? Leave a comment below.

How to Optimize and Speed Up Your WordPress Blog

Did you know that site speed is one of the most important factors in determining your conversion rate? A study done by KISSmetrics analytics determined that if your website has not loaded within 4 seconds, you are already losing one in four of your potential converting visitors. In fact, you not only lose visitors by having a slow loading website, but you also sacrifice your search engine rankings as Google and most other search engines use page speed as a ranking factor.

Firstly, before you even get started on optimizing your website, you should check out your current page speed and then decide whether or not you need to optimize. It’s helpful to compare your page speed to your competitors to determine whether or not speeding up your website would ultimately be worth it to increase rankings or visitor retention.

Tips to Speed Up WordPress

Remove unnecessary plugins

Many people use the thousands of available WordPress plugins to dress up their websites and add extended functionality. What most people don’t realize however is that extensive plugin usage only degrades your site’s performance and thus it is important to only utilize plugins that are absolutely necessary for your website. When deciding on which plugins to keep and which ones to delete, just ask yourself whether that plugin is ultimately benefiting your conversion rate; if its not, then deactivate/delete it.

There are several plugins that make calls to external websites which can drastically slow down your site’s performance — try to avoid these plugins as much as possible and remove all other unnecessary plugins as well. This does not mean that the usage of any plugin is bad for your website; it just goes to say that using a ton of useless plugins that don’t really benefit you in anyway or contribute to your goals should be removed to help improve page speed.

Use a WordPress cache plugin

Caching is the process of storing any static parts of your website so that they only need to load once instead of on every single page load. Since most WordPress sites are mostly static, using a cache plugin can help drastically improve performance. When it comes to picking a cache plugin for WordPress, you have the option to choose between:

W3 Total cache

W3 Total Cache is meant for more advanced users due to its extensive number of available options but is also good for the beginner who wants to employ its basic functionality. There are plenty of guides available online to help you use the plugin to optimize your website; be careful however as incorrect settings can actually break your website.

WP Super Cache

WP Super Cache is an easy to use plugin that can be setup within a few seconds after installation. Simply install the plugin and turn caching on — or modify more advanced settings if you feel comfortable.

WP Super Cache Settings

Use a Content Delivery Network (CDN)

Content delivery networks use server nodes nearest to the location of your visitor to serve your website — ultimately making your site load much faster. CloudFlare is an extremely well performing CDN that is available absolutely free of charge with any of WireNine’s hosting plans and can be activated from within cPanel. If you are not hosted with WireNine, you can also manually sign up to CloudFlare on their website and follow their simple step-by-step instructions to set up your website on a CDN.

Optimize your WordPress database

When you write new posts and save them as drafts or uninstall plugins, all that data is saved within your database. Having a large database can drastically slow down your website, especially if you are on a shared web hosting plan. Fortunately, there’s a plugin to help you optimize your database; use WP-DBManager to optimize & repair your WordPress database.

Compress images on your website

Images are usually the slowest loading aspect of any website (depending on image size), and if your website is jam packed full of images it only makes sense that your website will load slowly. Fortunately, there are a few steps you can take to optimize your images and make them load faster — however, you should first remove any images that are not necessary for your blog.

Sometimes however, when your whole website is based around images (such as galleries), all you can do to increase your page speed is to optimize your images; use the tips below to speed up your image load time:

Use the best image format

Two of the best image formats to use online are JPEG and PNG. JPEG images will usually lose quality upon size reduction (compression) whereas PNG is considered a lossless compression format but can’t be reduced to the same degree as JPEG images.

Image Compression Formats

The image quality is dependent on the format; sometimes you may be able to produce a JPEG duplicate of a PNG image that is actually smaller in size and vice-versa. If you’re ever in doubt, just save your image in both formats and compare them side by side for quality loss.

Use WP smush.it to decrease image size

The WP smush.it plugin uses Yahoo’s smush.it service to reduce image size without compromising quality — and it can reduce the size anywhere from 5% to 50%.

Use Lazy Load for your images

The lazy load plugin essentially loads only the images visible in the user’s browser window (above the fold) and will load the remaining images on the page as the user scrolls down. This is especially helpful for websites that have galleries embedded within their posts as WordPress will not load all images at once but only a few at a time (using jQuery) to improve your visitor’s experience and the page load time as well.

Use image sprites instead of regular images

Image sprites are only intended to be used by advanced users as they require complex CSS modifications to function correctly. Sprites essentially allow you to display multiple images on your website from a single image by defining co-ordinates on an imaginary axis of your single image. This can drastically improve page speed as your website will now be loading a single image rather than multiple separate images.

If you follow the above tips, you can drastically speed up your WordPress installation and not only improve your overall conversion rate, but even your search engine rankings which will consequently bring in more traffic to your website. Keep in mind that you want to host your website with a reliable hosting provider to ensure your host is not affecting your page speed — a lot of low quality hosting companies will pack their servers full of customers severely degrading the shared hosting experience.

If you have any questions or suggestions, share them by commenting below!

WordPress Security Tips to Protect Your Website

As WordPress is one of the largest and most popular blog platforms in the world, it makes sense that hackers would try to infiltrate its security to gain access to millions of unsecured websites on the web. We frequently see complaints all over the web regarding WordPress security vulnerabilities and webmasters requesting help regarding their hacked WordPress installations. Usually, once a hacker has infiltrated a WordPress installation, they will either delete all files causing you to lose your website or use PHP modules to send out massive spam — which will get your hosting account suspended no matter where you host your website(s).

It is important to keep personal backups of your account and to take all necessary precautions to ensure that your WordPress installation is secure and invulnerable to hackers. For this reason, we have compiled a few WordPress security tips for you below which should help make your site immune to any hackers.

Keep your WordPress Installation Up to Date

WordPress updates their platform quite frequently to not only make improvements, but also patch any security vulnerabilities that could be exploited. That is why it is extremely important that you keep your installation up to date with the latest release.

If you’ve installed WordPress using WireNine’s automated installer Softaculous, you can easily upgrade your installation by logging into your cPanel. If you’ve installed it on your own, you can upgrade from the WordPress dashboard automatically, or do a manual upgrade by overwriting your old files with newly downloaded ones from their website. For more information, check out the WordPress codex.

Set a custom username and password

The default username for any WordPress installation is admin and all hackers are well aware of that fact. When installing WordPress, make sure to choose a uncommon username — in most cases, using your name or initials will be fine.

If you are using Softaculous to install WordPress, check the screenshot below (click to enlarge) to see where to set your username.

As important as the username is, it is equally if not more important to have a complex password — choose a password with a mixture of letters, numbers and even symbols if you prefer. If you’re worried about losing your password, you can use a password manager such as LastPass to store all your logins; and WordPress does have a “Forgot Password” function which you can also use to reset your password in case you ever lose it.

Ensure your file permissions are set to 755 or lower where necessary

If you are an intermediate or even advanced user of WordPress, you may sometimes need to modify file permissions to make file edits from the back-end or in some cases, to allow a plugin to function. As most individuals forget to reset their file permissions afterwards, their files are usually left readable / writable for hackers who can use the file as a doorway to into the users account.

Make sure you set appropriate permissions for your files / directories (755 or lower) — always reset to the WordPress default permissions after making edits to any file.

Regularly backup your websites / databases

Although WireNine does create daily backups for all accounts on our servers, it is always recommended that clients also make their own backups from within cPanel in case their site data is ever compromised. Maintaining daily backups will help ensure that you can immediately restore your website in case of an emergency. To create a full or partial backup of your account, simply navigate to cPanel, click on “backup wizard” and choose which elements of your account you would like to backup (refer to the picture below).

Keep all plugins and theme files up to date (free and premium)

Since WordPress has such a vast amount of available themes and plugins (both free and premium), its important to make sure that you only select plugins and themes from trustworthy sources. Most premium theme and plugin purchases will include free lifetime updates to patch any security holes — but free plugins and themes are sometimes not updated for long periods of time. This not only causes the themes / plugins to break with new WordPress updates, but also leaves tons of security vulnerabilities for hackers to exploit.

It is important to use the latest WordPress compatible version of each plugin / theme to ensure there are no security risks to your website. Fortunately, WordPress’ free plugin repository has plugin and theme ratings which can help you decide which plugins would be the best and most secure for your blog / website. If you wish to invest in a premium theme or plugin, make sure the seller is a verified source before you make any purchases.

Use a WordPress Security Plugin

WordPress security plugins are not always necessary if you follow all the security tips listed above; however they do help make your installation more secure. If you are worried about any hack attempts on your blog, its always better to be safe than sorry and install one of the following highly recommended security plugins:

Bulletproof Security

Bulletproof security was created to mainly protect your website through your .htaccess file which hackers commonly use to gain access to an account. With the bulletproof security plugin, you can protect your WordPress website against against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL injection hacking attempts.

Better WP Security

This plugin has a host of features that help secure your website — mainly by hiding and securing any locations of your website that are most vulnerable to an attack (such as the login page or admin panel). The plugin also creates a daily backup of your WordPress databases so in case you do somehow get exploited by persistent hackers, you can easily restore your website.

General Security Tips

Do not share your login. If you have hired a webmaster to manage your website, make them a separate account with the necessary permissions. It is not advised to share your username / password with anyone you don’t fully trust.
Enable Cloudflare. CloudFlare is a content delivery network (CDN) that improves the performance of your website but also offers a security scanning feature that comes in handy at times. CloudFlare is included absolutely FREE of charge with any shared, reseller or VPS hosting plans at WireNine and can be easily enabled from within cPanel.
Regularly change passwords. It’s important to change your password every once in a while to maintain security — you can use a password manager such as LastPass to make this easier

While the WordPress security tips listed above will help you secure your website, they do not guarantee that your website will be 100% immune to hackers. They do however drastically decrease the chances of your WordPress installation being hacked or tampered with in any manner. Remember, it’s important to maintain regular backups of your website / database so you always have a recoverable copy laying around in case of an emergency.

If you have any questions, don’t hesitate to ask by commenting below.