Contrary to some belief WordPress itself is very secure. Vulnerabilities are introduced by poorly written or malicious themes or plugins that users install.
I have compiled a list of extra steps you can take to harden your WordPress installation.
WordPress has updates on a near daily basis. If a security vulnerability is ever found it is usually patched within hours and pushed out to the millions of WordPress installations around the globe. But, if you don’t accept automatic updates, or don’t manually update often, then you will be left vulnerable.
It doesn’t just go for WordPress itself. Plugins, especially the more popular ones, are updated often, and can often have security vulnerabilites of their own. Keep them updated!
Be conservative with plugins
Plugins are great, they extend the functionality of your website in just a few clicks. But is that all they do? Plugins can become vulnerable, especially…