So many simple things can help you keep your website more secure. Learn the top 10 things we recommend for Wordpress users in this presentation. Be sure you have your website protected as much as you can.

1. STAY Protected

2. DID YOU KNOW??
GOOGLE BLACKLISTS
AROUND 20,000 WEBSITES FOR MALWARE
AND AROUND 50,000 FOR PHISHING
each week

3. So what can you do to be sure
you're not on that blacklist?

4. Keep Your Site Updated
Plugins
Themes
Wordpress Version
(And only have current plugins and themes installed)

5. and optimize them for
your website!
INSTALL SECURITY
PLUGINS

6. Loginizer - Wordfence - Sucuri
Limit Login Attempts & Increase Lockout Time (for most businesses
who don't have need for customers to login to their site)
Use 2 Factor Authentication for Admin Logins
Setup Firewall
Block IP's
Change Default Settings
Block attempts of those using admin or your website as login name

7. Use Common Sense
STRONG PASSWORDS
This applies to not only your WP Login but
also FTP, Hosting, and emails. Be sure you
aren't using the same for all these areas!
UNCOMMON USERNAMES
Don't use Admin, or Your Website Name as Your
Username - make it unique and if possible, don't
connect it to your business email.

8. Hide Your Admin Login Page
Can you guess the login
page for friends website?
Most likely too many of you are using the standard
/wp-admin
login page - change it today!
Great Plugin for this is - WPS Hide Login

9. Hide your dashboard
from logged in users
Plugin by Yoast:
Hide Admin Bar From Non-admins

10. Add the following line at the end
of the .htaccess file (In Your
CPanel):
Options -Indexes
DISABLE
DIRECTORY
BROWSING

11. Run a malware
scan on your own
computer.
You might be the problem!

12. From your CPanel - Add this code to the
wp-config.php file:
define(‘DISALLOW_FILE_EDIT’, true);
Turn off File Editing
from the Dashboard

13. Change your display name from your username

14. WHEN YOU FIRST START YOUR SITE,
MAKE A BACKUP.
WHENEVER YOU MAKE MAJOR CHANGES,
BACKUP!
IF YOUR SITE ISN'T NEW BUT DOESN'T HAVE MALWARE -
BACKUP!
BACKUP MONTHLY.
BACKUP - BACKUP - BACKUP!!
HAVING CLEAN BACKUP FILES MEANS
YOU CAN RESTORE INSTEAD OF STARTING OVER IF YOU DO
GET MALWARE.
Be Sure You Are Backing Up!

15. BONUS
Pingbacks and trackbacks notify you that your content got linked
from another web page, sounds great right?
The Bad: Via trackbacks, hackers could cause massive distributed
denial-of-service attack (DDoS) attacks or could use other “clean”
WordPress sites to do their dirty work.
Turn off Trackbacks and Pings from other sites.

16. How Do I Know If My Website
Has Been Attacked?
If you have been hacked - you can clean it yourself or hire
others to do it for you. We recommend working with a
professional if you have never dealt with it before.
REFERENCE TO CLEAN SITE:
https://sucuri.net/guides/how-to-clean-hacked-wordpress/
If you are using a reputable hosting
company they will notify you when you
have malware or your security scanner will.

17. Questions?
Want To
Learn More? Call Us
480.241.7328
Email
megan@geekedoutmedia.com
On Social
@GEEKEDOUTMEDIA
geekedoutmedia.com
Our Website