Tips To Secure WordPress
In the vast sea of information available on the Web about WordPress one of the most overlooked subjects is WordPress Security. While the subject is far less exciting than most WordPress topics, it is vital to keeping all your other hard work safe from the multitude of active hackers who seek out WordPress blogs in particular.
The reason WordPress is the #1 target for hackers is closely related to the amount of information available on WordPress Security. Hardly any WordPress user looks for information on security until after they have their first site hacked. Compounding the problem is the fact that most new WordPress users are very new to the Internet. WordPress tends to attract non-tech savy people because of it’s reputation as being easy to use.
The video here offers some good tips on making your WordPress blog more secure…
Need more help http://www.wordpressblogman.com/securing-wordpress/ WordPress is the most used open-source platform nowadays for any type of websites: whether…
I have used and can recommend the plugins mentioned in the video above. However, despite covering many important WordPress Security basics there is one huge hole left here in my opinion. As do many people who publish posts and videos about WordPress Security, the author suggests using a plugin to backup yourWordPress database. There’s nothing wrong with doing this, but that alone will be of little use when you’re trying to restore your site to exactly the condition it was in before the hack. All the information needed to do this does not reside in your WordPress database or DB as it is also referred to.
Much of what sets the look of your site is contained in the files located in the Public_html directory on your server, not in your DB. All the WordPress database contains for the most part is the content of your WordPress posts and pages. Nothing having to do with your themes, plugins or the settings for those are contained in your database. If you are trying to restore a site with only a DB backup to work with, you have many long hours ahead of you to restore your themes, plugins and their settings.
These things are often done slowly over months or even years of the life of a blog. I don’t know about you, but I would have huge problems remembering every plugin and theme setting I had ever done for each blog. What this translates to is an uphill battle of major proportions to completely restore your site to it’s previous condition. For many WordPress users, this is an insurmountable task.
But before you give up on WordPress completely, there is a simple solution to this problem. There are several quaility plugins that will allow you to make a complete backup of everything that makes up your WordPress blog and completely Clone or restore your site with just a few clicks of your mouse!
By far, my favorite of these is called, WP Clone. This plugin will allow far larger sites to be completely backed up or cloned than any other plugin of this type. The only problem I have ever had with this plugin comes around the time your site hits between 130 to 150 posts depending on the average length of your posts. Fewer if most posts have 800+ words or more, and more if your average posts size is far smaller. At this point, the default sizes of WordPress files start to play a factor. If your backup is larger than the default alloted for this by WordPress, you will no longer be able to use this plugin or any other to to this task.
But Wait! All is not lost! There is a simple way to do this!
Every Web hosting Control Panel I have ever seen will allow you to do a complete backup and restore of your sites with just a few clicks. This is easiest to find and do if your account uses cPanel. Considered a industry standard by many Web Masters, cPanel offers a far simpler structure to navigate than most other hosting platforms. cPanel is offered by almost every major company that offers Web Hosting.
The only exception to this I am aware of is GoDaddy. They use their own system, which does not offer cPanel unless you purchase a Resellers license from them which used to cost around $100 a year. While this really pretty cheap if you look at the fact you’re getting a years woth of service for this one payment, the fact that it must be paid in full upfront makes this less attractive to most people.
This is also far safer than relying on a WordPress plugin to back up your site no matter how good the plugin is. Once a hacker gains access to your site, they also have access to everything there including your backup! Because you can store your backup files directly on your Computer when you back up your site, the hacker can’t touch or alter those files.
If space is at a premium on your Computer, there are plenty of inexpensive accessory Hard Drives you can purchase to hold your backups. Considering the amount of time this can save you, it’s a small price to pay for true security on the large investment of time you have put into your blog! You can also limit the space this takes up further by deleting your old backups every time you download a new one.
If you update your blog frequently, that poses another problem though. Creating a new backup every time you add a post gets tired pretty quickly. The easiest way I have found to sidestep this issue alltogether is by adding all your posts for say the next week at one time using the WordPress Cron or a plugin to post them at your usual interval. Then you simply make a new backup after you have finished. This will mean you can completely restore everything including posts that have not yet been published with only a few clicks!
Don’t make the mistake of thinking nobody would ever hack your site and ignoring all this. Sooner or later, you WILL get hacked! Years ago, I even had a site with zero content hacked! The hacker does not care how popular a WordPress site is. They will happily hack into every unprotected WordPress site they find.
Don’t let it be yours!