Keep Your WordPress Site Up-To-Date
WordPress releases regular updates in order to minimize vulnerabilities… make sure your version is always up-to-date. You should also refrain from displaying its version number on your website as that gives hackers a clear picture of which cracks to exploit.
Keep Your Plugins Up-To-Date
As much as possible, make sure that you are only using themes and plugins that you trust and that are being updated regularly. The wrong plugins can introduce vulnerabilities or even backdoors to your websites. Also, remove plugins that you are no longer using.
When you host with us, we manage most of the updates on your WordPress account. By default your account is set to automatically update on a daily basis when new plugin versions are released. The only thing we don’t update are your themes, you will need to review these yourself.
You should not give guest contributors or contractors full control unless absolutely necessary and you should remove it once the job is complete. Contributors themselves can be hacked, especially if they are not using a strong password. Disgruntled employees or contractors can wreck havoc on your website. Review accounts on a regular basis and be sure to remove them as soon as the account is no longer needed.
Back It Up
Realistically, hacking can never be prevented. This is because every week a new vulnerability is discovered in software powering websites. Even if your website is managed by a team of security experts, your website will always be vulnerable. That is why NOTHING beats a good backup of your website and database. If your website is hacked, you need to be up and running again immediately. A regular backup should keep your downtime to a minimum. Just in case something does go wrong, we take daily backups of your entire account: your files, your database, plugins, themes, settings, you name it!
Note: Always have a back up! Don’t learn the hard way!