Thanks for joining me for the inaugural entry of #WebTipsTuesday. Today I’m going to share with you some cool but eye-opening and scary information about website security and WordPress.
Here are the Tips
1.To Log Out or Not to Log Out
The past couple of days I’ve gotten several email alerts from security plugin Wordfence about nefarious login attempts into my WordPress site. A few of these nasty peeps and/or bots were from France and the UK but the last one was from around these parts. And they used my login name.
So what did I do?
First of all, I changed my password lickety split. The next thing was to log into the WordPress Admin dashboard and promptly logout.
And then I reminded myself, because I AM GUILTY, to log out of sites I am no longer working in or on. It’s not enough to exit out of the window it must be an intentional ‘log out’. If browser windows are left open there is a chance that information can be stolen out from under you. And if you’re concerned with site speed, unlogged users slow your site way down.
The criminally inclined are getting smarter every day so your best defense is to protect your private information in every way possible. Log out AND change your passwords often.
In order to protect yourself in case the worst happens it’s best practice to have two user accounts set up in your name. You’ll need two email addresses to do this so register another gmail account for this reason. Ensure both user profiles have Administrative access not just subscriber or a lesser rank.
The last thing you want is to lose access to your site and not be able to register another user because the hacker has blocked you from getting in.
I know, scary right?
3.Use Password Savers
Another important way to stay secure online (aside from being on Instagram because who can compete with the highlight reels we tend to compare ourselves to, yikes lol) is to use an App that saves passwords for you. LastPass, which automatically saves passwords for you ensures you don’t have to worry about clearing the browser cache and losing banked passwords.
I must have thousands of passwords and change them often so this app is a lifesaver. Logging into a site is a breeze and because I’m no longer typing them in manually it is supposed to be more secure as keystrokes aren’t detected.
The two WordPress plugins mentioned below will save your bacon should your site get hacked or worse, you lose everything!
Don’t depend on your host to backup your site for you, please. It is not in their best interest to do this for you as it is a service they charge dearly for. Most hosts will backup weekly (if you ask) but that is not enough. Unfortunately I almost learned the hard way when a client’s site hosted by GoDaddy just last week didn’t have any backups scheduled.
What happened, you ask? Thankfully, I was able to restore the site myself but they weren’t even apologetic and wanted to charge me over $100 just to look at the issue.
WordFence and UpdraftPlus will be your new best friends when it comes to site security, aside from me, of course! So do yourself a favour. Update your passwords, logout from every site you’ve visited and install security plugins that will not only backup your site but alert you to attempts to hack your site.
The next installment of #WebTipsTuesday will be on the subject of backing up your website. Stay tuned!
I use the free versions of these plugins now so I’m not selling you anything. But if you need help configuring these plugins or any other web services, feel free to give me a jingle. You can also fill out this handy, dandy contact form.