In the book, three WordPress developers whom I look up to very much are interviewed about security best practices for WordPress. They give some great tips and commentary on keeping websites safe. The book even has a TL;DR in the back so you can get right to implementing great security practices on your site without reading the first 28 pages! Although, I’d highly recommend reading the first 28 pages, because that’s where I found this gem from WordPress developer Rachel Baker:
After reading that passage I actually broke into a really awkward dance involving the Dougie and an uncommon version of the Carlton. I’m not proud of what I did [Please stop searching YouTube]. But that doesn’t make what Rachel said any less important. It’s vitally important.
I’ve worked with bloggers and small business owners of many different skill sets. Many hear about how great WordPress is go straight for the “one-click” installations. During the excitement people often forget that running software on a web server means that they are now responsible for protecting their content and ensuring everything keeps running smoothly. People aren’t familiar with servers, or code, or common security threats. They know their content is “online somewhere,” but don’t really know who’s watching over it or what their webhost is really like.
It’s a good idea to do some homework. Here are three quick things you can do right now to become a more responsible site owner:
- Download the Locking Down WordPress eBook from Code Poet. I read the entire thing in about 15 minutes and I think I’m a pretty slow reader. If you see a tip that you’d like to implement and you’re not sure how, shoot us an email and we’ll get it setup for you: firstname.lastname@example.org.
- Make a commitment to start learning more about how your WordPress site works. There are great resources all over the web to learn about WordPress. It doesn’t take long. Commit to 10-15 minutes per day. Check out Easy WP Guide, a guide for getting started with WordPress that has instructions that follow the flow of the WordPress dashboard. If you enjoy learning with videos, WP101 is a great resource. There’s a small fee for access to some of the videos, but it’s well worth it in my opinion. The videos are superb quality. If you’re one of our monthly site maintenance clients, access to all of those videos is included in your monthly fee.
- Ask questions. It’s a fear that all of us have. We don’t want to sound dumb or uneducated, but that’s how we learn. Well, that and Google ;). Here’s a great list of WordPress folks on Twitter who can answer questions that you’ll surely have. You can also check out the WordPress forums.
Remember, this isn’t about becoming a code monkey or a developer yourself. That’s not why you started your blog or website (probably). This is about taking responsibility for your website, protecting your content, and keeping everyone who visits your website safe from internet parasites.