Safeguard your website from hacking - image of unknown person sitting behind laptop with hoodie on and face blurred out with question mark

Keeping your website secure and up-to-date is very important. When you have taken the time, money and effort to create your website, you will know how much hard work you have put in.  Therefore it makes sense to keep your website secure and take precautions to safeguard your website from hacking.

As an example, when you buy a new home you may change the locks, you may add security cameras, fit window locks and purchase home insurance to keep you safe. You wouldn’t, I’m guessing, want anyone who is not welcome in your home and the same applies to your website.

Your website is at the hub of your marketing plan and therefore incredibly valuable to your business.  Following my three steps to safeguard your website will help to keep unwanted people from accessing behind the scenes and doing sometimes irreparable damage.

With the release of the latest version of the core WordPress platform recently there will be a mad flurry of updates to themes and plugins as companies update their software to ensure their products keep working and offering the same features and benefits as before.

Now if your website is created on WordPress you may or may not know that a theme is used to create the layout and design of your website – a bit like choosing a template.  And you use plugins or code to add functionality to your website such as adding Google Analytics, or an online booking system to your website.

Image of black and white  WordPress logo

WordPress is the platform that your website is built upon and they release updates on a regular basis.  Sometimes it’s to fix parts that they have found bugs in and sometimes its to add different functionality to the software.  But when they do, you can bet that your themes and plugins will need updating too.

Check that your hosting package is secure

So before I give you my 3 Steps You Need To Take To Safeguard Your Website From Hacking, let’s talk hosting.  Now there are many hosts available to you and they most definitely vary in features and the packages that they offer.  So please do check what your host is offering with the package you have purchased in the way of security to your website.

My personal preference for hosting is Siteground* and I use them for my own websites and love them so much I am a host reseller for them.  If you’re interested in how Siteground protects your website, check out this link How Does Siteground Protect My Website

Here are my Top 3 Steps For Keeping Your Website Secure

  1. Update your WordPress files, themes and plugins regularly
  2. Add Security software to your website. 
  3. Ensure your logins are secure

1. Update your WordPress core files, Themes and Plugins regularly

It is absolutely essential that you keep your WordPress core files your themes and your plugins up to date. This means carrying out maintenance checks on a regular basis.

As part of my Maintenance Care Plan, I monitor my client’s websites at least twice a week updating core files plugins and themes, checking comments and deleting  any spam, checking for malware as well as performing visual checks on the frontend of the website.

If you don’t have someone looking after your site for you, I would highly recommend you block off time in your diary on a regular basis to maintain your site. Being proactive rather than reactive can be a lot less work than trying to fix a site that has been hacked, I promise!

2. Add Security software to your website. 

A very effective way of safeguarding your website from hacking is to add security software to your website in the form of a plugin.  These can stop unwanted people from accessing your website and causing havoc.

Personally, I use WordFence on my own site and my clients. There are many different security plugins out there and it is worth taking the time to research which is going to protect your site the most, these include Sucuri Security and iTheme Security.

These plugins, once installed, activated and set up add a firewall to your website that helps to identify and block malicious attackers from accessing your website.  They also scan your website for malware which can leave you unable to access your website.

WordFence Security software for WordPress websites - logo

3.  Ensure your logins are secure

In order to access your WordPress dashboard, you have to log in with an email address or username together with a password. Having strong passwords is essential. Avoid using obvious passwords such as your date of birth, children’s name or pets name.  Using a mix of Upper and lowercase letters, punctuation and numbers are recommended.

When I check my client’s websites one of the most frequent ways hackers try to access your website is using the username “admin” and the password “admin” so please, please do not use these.

WordPress also allows you to use two-step authentication. This means that not only do you use a secure password you also use a device such as your mobile phone to get a code that will allow you to access your website. And whilst this can seem like just an extra step to get into your website, it’s  a very effective way of keeping your website secure.

** Bonus Tip!! Ensure you backup your website regularly **

Just in case the worst does happen and you get hacked, I would also highly recommend that you backup your websites regularly to ensure you can restore your site if need be.

I recommend the plugin Updraft and again use this on my site as well as my client’s. This plugin allows you to choose how often I want to back up my files, what you back up as well as where you went the backup files will be sent. 

Again there are many backup options you can take but please do ensure your website is being backed up.  As I mentioned before you have spent a lot of time, money and effort creating and growing your website.  Being able to restore your website if things do go wrong is so important.


So to summarise what I’ve shared in this blog “The 3 Steps You Need To Take To Safeguard Your Website From Hacking” today is:-

  1. Check your hosting package for its security features.
  2. Update your WordPress files, themes and plugins regularly
  3. Add Security software to your website.
  4. Ensure your logins are secure
  5. Back up your website regularly

I hope you have found these tips helpful and will be implementing them on your own website. Website maintenance and care are not very difficult if you do it regularly.  It can be time-consuming but it is very worthwhile.  And being proactive rather than reactive can save blood, sweat and tears in the long run.

Many of my clients have decided that they would rather spend their time and effort on running their business rather than looking after their website and so allow me to maintain their sites for them. My Website Maintenance packages start from just £20  per month. I also look after and maintain sites that I have not created so if you don’t have the time, knowledge, skills or inclination to keep your website up to date and maintained please do get in touch and I would be happy to have a chat with you about how I can help.

This blog was created alongside my free Website Wednesday training that took place on 2nd February 2022 in my Facebook Group.  Each week I offer training, support and advice to help you get seen online and build your online audience.  If you’d like to join click the button below.

* Disclaimer

If you click on some of the links marked with a * and you then make a purchase, I may receive compensation from the companies. You will not be charged any extra.   I only promote the products I have invested in myself and recommend based on my own opinion