Skip to content

Keep your wordpress website safe and secure

Website developer sydney photo of woman using laptop in office

You’ve got a great wordpress website, and it’s attracting clients, selling services and products.

How do you keep it secure and running smoothly so it continues to be your best online business tool?

The best way to keep your WordPress Website safe and secure is to update the website software regularly.

WordPress is hands down brilliant! It’s a free and open-source website framework (CMS: content management system), which means it costs nothing to use it, AND millions of people across the globe are invested in making sure theres a way to do pretty much anything a business needs on their website.

Your WordPress website is made up of 3 main elements. Each of these need to be updated regularly. It’s like keeping your car running smoothly – you need to make sure the components are all working well.

  1. the WordPress content management system
  2. The Theme – the look and feel and building tools
  3. Plugins that allow you to provide different functions to make your business run smoothly and help your users to have a great experience.

So why is safety and security even an issue?

What makes WordPress so great is also its problem. It’s ‘Open Source’ software, this means that anyone has access to it, to build the most amazing special functions we can all take advantage of, but also, if motivations are darker, how to find ways to break into the software with malware and criminal intentions

The way to avoid this is to keep your WordPress site secure, by following these steps:

  1. Make sure your passwords for your admin and user accounts (for theme and plugins) are complex and changed regularly
  2. Have a Secure Site certificate (SSL) on your site (you know if your site has one because your url reads: https not http://)
    Talk with your hosting about this certificate, in case it needs to be manually added and renewed on your site.
    Google won’t index a site without a https so make sure you have it.
  3. Backup your WordPress site and database so if you find a problem, you can revert to a previous version of your site (pre incursion) so you don’t lose all of your hard work and audience.
    Save your backups daily, to online storage, or a local hard drive. Updraft is an easy to use plugin for this.
    Talk with your hosting about their backup schedule and get their help if you have a problem.
Keep your wordpress site safe and secure


When you need to update, it shows on your admin screen. See the red dot beside ‘Updates’.

Click here to go to the update screen.

Make a backup of your site first, then update your items one by one.

When you’re adding any plugins or a theme, check to see if the developer keeps the software updated. Don’t use if they haven’t been updated for some time.

Stay safe – use themes and plugins from the WordPress official directory

4. Use the best dedicated WordPress hosting you can afford. Good hosting work hard to ensure their servers stay safe and secure by ensuring their clients sites are free of dangerous files. I recommend WPEngine

5. Use spam protection on your contact forms and use a spam protection plugin like Akismet.

Sign up for the Brand New You newsletter

Want help keeping your website safe and secure, your business online and your clients and customers protected?

Sign up to our Client Care Plan.
We’re wordpress website specialists. Call or contact me to find out more.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll To Top