Key Tips to Manage WordPress Site Security

These days everyone talks about WordPress’ vulnerabilities. And why wouldn’t they do it, when lots of websites are hacked on a daily basis?

Take a good look at the graph below; it shows the number of hacked WordPress vs Drupal sites.


So is WordPress such a bad CMS? Not at all, according to researchers at WordPress happens to be the most popular blogging platform in the world, so it’s the perfect target for hackers.


Sure, there are 40x more hacked WordPress sites in the world, but there are also 22.5x more WordPress installs vs Drupal installs. This means that WordPress is only 40/22.5 = 1.77 aka 77% more prone to hacking in comparison with Drupal!

Now that we have gotten this out of the way, let’s see what are the easiest way of boosting WordPress security.

1. Use a strong password. One that has at least 15 characters, uses capital and small letters, numbers and special symbols. Resist the temptation to use regular words, separating them with numbers; most hackers use dictionary-based brute force attacks. Go to this site to generate a strong password, and then write it down in a notebook.


2. Don’t leave directories open. Hackers will try to get into your system by making use of any security breach.

3. Make regular backups. Keep your site backup up by making use of one of the many free WordPress backup plugins – BackUpWordPress, for example.


4. Keep WordPress and its plugins up to date. It is true that new WordPress exploits are discovered on a weekly basis, but the team behind our beloved CMS fixes them fast! And with WordPress auto-updating itself, it’s much easier to keep your site secure these days.

5. Use a good WordPress security plugin. Actually, I can think at two plugins that do the job: iThemes Security and Wordfence Security. I have tried them both, and they do a great job, but I tend to prefer Wordfence, because it has a larger set of features and uses less memory.


Install your favorite security plugin, go through its tutorial, and then activate all the features that harden your website security. Then, be sure to scan the site regularly.

Use these five tips and I promise that your website is going to be much harder to break into.