Phyllis_Garland_WordPress_Classes_Tutorials_WordPress_ WordPress-Plugins_WordPress_securityHackers…they are out there looking for a way to inject malware and viruses into any WordPress website/blog that is not locked down and secured.

SECURITY – Make sure the computers you use are free of spyware, malware, and virus infections. No amount of security in WordPress or on your web server will make the slightest difference if there is a keylogger on your computer. Always keep your operating system and the software on it, especially your web browser, up to date to protect you from security vulnerabilities.

Like many modern software packages, WordPress is updated regularly to address new security issues that may arise. Improving software security is always an ongoing concern, and to that end you should always keep up to date with the latest version of WordPress. Older versions of WordPress are not maintained with security updates. For instructions on how to update the latest WordPress Version 3.5.2, click here.

CREATE A STRONG PASSWORD

Many potential vulnerabilities can be avoided with good security habits. A strong password is an important aspect of this.   Make the password at least 8-12 characters long using a combination of lower and upper letters, number and symbols.   This is a sample of what I use for a password:   WPmdn!B0B0$$    It may mean nothing to you but it is actually an acronym for me which makes it easy to remember:  My Dog’s Name Is Bobo (the o’s are zeros).  I attach  WP for WordPress or FB for Facebook or T for Twitter, etc.  in front of the password and usually add $$$  to the end of it. This password will take 344 thousand years to crack according to How Secure is Your Password.

DO YOUR RESEARCH on any plugin or theme before you upload to your website/server. What is plugin? What is a widget?

Here is a list of plugins I strongly encourage you to install to keep your WordPress website/blog free of Malware, Viruses and Hackers.

  • Change your “ADMIN” username: http://wordpress.org/extend/plugins/admin-username-changer/
  • Log in extra security: http://wordpress.org/extend/plugins/captcha
    CAPTCHA is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart.”

SPAM is a four-letter word!  Security for your blog posts.

http://akismet.com/
http://wordpress.org/extend/plugins/defensio-anti-spam
http://wordpress.org/extend/plugins/wp-conditional-captcha

Scan your website periodically for malware & virus issues

http://www.wordfence.com
http://sucuri.net
http://wordpress.org/extend/plugins/wp-security-scan

Additional reading on ways to harden your WordPress website
http://codex.wordpress.org/Hardening_WordPress

Backup your site. No warranties on any of these plugins. Test your backups.

http://wordpress.org/extend/plugins/wordpress-backup-to-dropbox  You need to have a DropBox account for this plugin. Log onto DropBox to set up a FREE account.

http://ithemes.com/purchase/backupbuddy.  This plugin/software is $80 but it is worth every penny!

http://wordpress.org/extend/plugins/backwpup/

http://www.xcloner.com/    Free but you can buy support for a small fee.