How to protect your EasyWP website
Security is the most important part of any functioning and successful website. EasyWP-based websites are certainly no exception. To protect yours, here are several tips from us:
Use hard-to-guess passwords
Identity theft occurs when someone gains access to your personal information by finding out your login information. This usually happens when your password is easy to guess. Individuals who have accessed your personal data can retrieve your login information to gain access to various websites and applications.
That’s why it’s important to use different passwords for different services. Each password must be unique, because if an attacker has access to one account, they’ll most likely be able to access many other services in the case of duplicate passwords. Remember, safety should always take precedence over convenience.
We recommend using strong passwords that contain at least 10-15 symbols (the longer password the better), a mix of uppercase and lowercase letters, numbers, etc. Make sure to never use your birth date, phone number, name, etc.
If you feel your password does not meet the above requirements, we suggest that you immediately change it to a new one. Here’s how.
Another thing to keep in mind? It’s not safe to keep your passwords in plain text. That’s why we recommend using applications such as KeePass or LastPass. The algorithm of these programs is as follows: your passwords are stored in an encrypted database, which can be unlocked with only one master key. After unlocking, you get access to the entire database of your passwords. It’s no wonder why it’s almost impossible to break into a database like this.
Keep your WordPress updated
Don’t forget to continuously update your WordPress plugins, themes, and scripts. Because WordPress components are a prominent part of your website, many of the security breaches that take place are due to insecure and outdated components of your website. Most of the free versions of plugins and themes are also built with vulnerable code, especially if the version is unofficial. That’s why we always recommend you update your website components to the latest available version.
Once you are in the WordPress admin page, you’ll see the following message on the main dashboard:
To access WordPress updates for your plugins, go to Plugins menu >> Installed plugins. Here you can simply update the plugins you need by clicking on the Update Now button:
For your convenience, you can also enable the Auto-update option, so you don’t have to update plugins manually. Just make sure to have a backup created beforehand (more on that in a moment):
Looking for more info? This guide is a big help.
Make regular website backups
Before proceeding with any changes, we highly recommend generating a backup since some of the updated plugins and themes may not be compatible with one another. Sometimes, the changes are irreversible so only having a backup can help. A website backup can be created just in a few clicks with the help of the Backups section located in your EasyWP Dashboard. This way, you’ll always be able to reverse the changes. To make a backup, please refer to the details listed here. To log in, please use your Namecheap account credentials.
Did something go wrong with your website and you don’t have the backup? No worries!
Namecheap’s Live Chat is available 24/7 and will do our best to help.
Use WordPress security plugins
WordPress security plugins act as an extra layer to prevent your website from being hacked. With the help of such plugins, you’re able to set up some custom configurations, which can help to improve your website’s security.
Here is our list of our favorite security plugins:
1. Loginizer
Loginizer helps you fight against brute force attacks by blocking login for the IP after it reaches maximum retries allowed. You can also change the WordPress admin link to a custom one.
2. Wordfence Security
2. Wordfence Security
The leading WordPress security plugin, Wordfence checks core files, themes, and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects, code injections, etc. It also has a security firewall with lots of customized features, including advanced login security and brute-force protection.
3. Sucuri
Sucuri works as a website firewall, complete with its own virus scanner. Sucuri identifies and blocks malicious IP addresses as well as malicious attempts to log in.
4. Jetpack
Jetpack is a practical plugin that’s used for almost everything, including security, backups, malware scans, anti-spam. It even has its own content delivery network (CDN) service.
Use an SSL Certificate
If you are running a business online, having a Secure Sockets Layer (SSL) certificate is a must. An SSL certificate makes a connection from your server to your end-visitor that much more secure by encrypting the connection. For example, if someone makes a payment on your website, that payment data becomes encrypted as well, preventing it from being stolen.
That’s why EasyWP partnered up with Sectigo, the world’s largest commercial SSL Certificate Authority, to include free Positive SSL with Turbo and Supersonic plans. An essential tool for securing digital transactions, increasing sales, and boosting SEO rankings, PositiveSSL gives an immediate cue to visitors that this is a website that takes security seriously.
To learn more about SSL certificate activation, feel free to refer to this article.
Are you following this list? Did we miss anything? Let us know in the comments below.
As for EasyWP Starter customers, you can check out our SSLs here. Third-party SSL certificates also work well. Following our tips in this article will help you to protect your EasyWP website and keep business moving nicely along.