Keeping Your WordPress Site Secure
Online security is a big deal. Here are a few tips to keep your WordPress® website secure:
Make sure to keep your WordPress core, themes, and plugins up to date. If you don't you risk compromising your website's security.
If you installed WordPress through your hosting account, there are options to have your software update automatically.
You can still update WordPress through the admin dashboard. This may cause your site's version of WordPress and GoDaddy Hosting Connection version of WordPress for your site to get out of sync, though. If this happens, attempting to update WordPress through GoDaddy Hosting Connection results in an error message and you need to update WordPress through the admin dashboard in the future.
To Update Your WordPress Website
- Log in to your WordPress admin panel.
- From the Dashboard click Updates.
- Follow the on-screen directions to update your WordPress website.
If an attacker gains access to your computer, they can gain access to your WordPress site while you're logged in, or from your saved browser passwords. Keeping your computer safe is one of the best steps you can take toward keeping your site safe.
Your password protects your WordPress site. Make sure it's hard to guess, not shared with anybody, and changed frequently. Most security experts recommend changing your password every 90 days to prevent attackers from accessing your site by repeatedly guessing your password.
If you need to share your WordPress admin with another user, you should create a new user account for them.
Connecting to your site via FTP-SSL keeps your password secure from eavesdropping. For more information see Connecting to Your Shared Hosting Account with FTP-SSL.
For an additional cost, you can purchase services that bring extra security to your site. There are several services available that look for changes and known vulnerabilities in your site on a regular basis.
We offer a solution that identifies malware links and security gaps on your website that could let a hacker steal information, vandalize your site or infect your customers. For more information, click here.
Purchasing an SSL certificate and configuring WordPress lets you log in and use your administration page over https. This protects your password and admin session from eavesdroppers on your network. For more information, see Using an SSL with Your WordPress Admin Control Panel.
We offer a solution that identifies encrypts data transferred to and from your site and protects against session hijacking attacks. For more information, click here.