Keeping your online course or membership site safe

In today’s Tuesday Tech Tip, let’s talk about how to keep your site as safe as possible from getting hacked.

Keep in mind, it’s impossible to 100% protect against hacking, there are some simple steps you can take to prevent this from happening to your site as much as possible.

1 – Stop using the “admin” username:
Come up with something unique, something hard to crack…this will decrease the likelihood of malicious script breaking into your site using “admin”.

2 – When you want to give someone temporary admin capabilities for your site, it is always best to create a new user and password (with admin capabilities) for that user. This way, once that person is out, you can delete the profile.

3 – Use strong passwords
This one is a given, right?? The harder the better..just don’t forget it!
For a very strong password, you would want to use as many of the following as possible:
At least one or more upper case letters (as well as lower case letters)
At least one or more numbers
At least one special charactor such as !@#$%^&* or others
The longer the password the better.
If you have trouble remembering passwords, look at using either 1Password or Lastpass

4 – Keep WordPress, Themes, & Plugins up to date:
A lot of themes, and plugins are updated with security patches on a regular basis (along with all the other cool updates they do). So when you see an update available, do what you can to update it.
This is cause for concern because not updating your site can cause problems beyond hacking.

5 – Install and use Security Plugins:
There are many plugins that will help you maintain a secure WordPress installation. One of these would be “Limit Login Attempts” which helps with any brute force attack on the login form.
Other good security plugins include iThemes, Sucuri, WordFence, Better WP Security, and many others.

6 – BACK UP, BACK UP, BACK UP!!!!
If you are not backing up your sites you should be.

There are several ways to do this. You should also consider saving your backup files to a cloud hosted solution such as DropBox, or even Amazon S3.
Manually backup the database and WordPress files either through cPanel or other means as needed.

Install a plugin like “BackWPup” or something similar.

You can use sites like managewp.com or infinitewp.com to help manage all of our WordPress sites and perform automatic backups to DropBox, or Amazon S3.
Perform Daily database backups and weekly file backups.

I hope this information was helpful to you..and as always, make sure to post your questions below!

Comments