Posted on 2 Comments

WordPress Security

WordPress Security

WordPress security is no joking matter.

WordPress Security can be run over an SSL  very easily. And yet I see thousands of sites every week that simply make the choice to not run over a secure connection.

WordPress Security
WordPress Security | Let’s get it together

Google came out with a notice that said they’d been running some tests, and that they will now be using https <–notice the ‘S’ as a factor for their rankings.  Now this may or may not be a big deal to you.  Here on my personal site, I do indeed have an SSL which makes my site run over a secure connection.  If for some reason I ever needed to collect credit card info, I could securely do that.  Your data would run over a secure connection, and the likelihood of fraud is greatly reduced! Images, files, and data is all transferred over a secure connection.  Always!

Wait Brad. You have an SSL on your personal site?

YEP!  And I been putting one on EVERY site I create.

And I’ve never regretted it! Here’s how ya do it.

Use Google! (or this article)

Look, I’m not going to make screenshots, upload directions, show you how to do something that’s easily Google-able <–that’s a word, right?  Anyways… Now, here we have yet one more reason to use an SSL.  Google is saying that the SSL will only account for less that 1% of how they consider ranking your website.  And that’s not really a big deal though is it?  I mean, 1 percent?  Wait, it was LESS than 1 percent!  But… that’s where how much weight they are giving the ssl now.  What about a year from now after there are more hacks, more breaches, more websites compromised.

Here’s 5 rules that most top notch folks follow for WordPress Security:

  1. Change your site’s login url.
  2. Change your .htaccess rules so that only you can get to your site’s login.
  3. Move your wp-config.php file up a level in your folder structure.
  4. Don’t use ‘admin’ as the username.
  5. Make a strong password.

Yes, this is the same list most folks have seen a few dozen times over the years.

But please, folks.  Put an SSL on your site!  Figure it out.  I promise you, it is NOT too difficult that you can’t do it.  And, if you need some help, feel free to leave a comment, and let’s see if we can get you an SSL installed.  If you can move your mouse, and type on the keyboard, you can install an SSL today. And you’ll be on your way to even better WordPress security in a few hours.  Is an SSL the only option to secure your website? Definitely not!

All I’m saying is that and SSL is one of the simplest, easiest, and MOST OVERLOOKED way to help secure wordpress. 😉

By the way…. I really think I would kinda appreciate it just a tad bit if Google would give me MORE sites that use SSL.  What about you?

Update*** Be sure to read the follow up post HERE

2 thoughts on “WordPress Security

  1. Hi, just a question about ssl certificates, do we need individual certificate for each website? Or there’s something like SSL for all server and so on, I wouldn’t mind adding SSL to websites if it doesn’t come with decent price tag, cause if you run 5, 10 or so websites and you need individual certificate to buy for each that makes up some money

  2. Eimantas, it really just depends on your set up. If you’re running different urls, then it’d be best to get an SSL on each domain name. While I agree that it ‘could’ be expensive, you’ve got a few options: If it’s a client’s site, just bill for it. It’ll really bring substantial value to you and what you’re providing for them. If it’s an affiliate site or something like that, then hopefully the cost of the SSL will be justifiable. If, it’s a personal site (like this one) I just figured I’d eat the cost myself and be thankful that I’ve got (yet) another layer of security!

    GREAT QUESTION!

Leave a Reply

Your email address will not be published. Required fields are marked *