Last time I discussed essential and desirable site maintenance activities. In this post, I shall look at some of the essential activities you must undertake regularly to make sure your site is secure.
One of the disadvantages of WordPress is, as the world’s most popular content management system (cms), it is a prime target for hackers. If they can get onto your site they can do a lot of damage.
I’ve crashed my site a couple of times and a good host is essential for rescuing you at these times. It is a good idea to back up your site so that you have a copy when you do crash it. I’ve also encountered various bugs that develop spontaneously and I’ve normally needed technical help to track them down.
The first thing you need to do is to pay attention to your site. Spotting something has gone wrong is a crucial first step. I wrote some time ago about a fault that developed on my site. I don’t know how long it was there before I spotted it. You will also spot spelling mistakes, grammatical errors and other embarrassing things that somehow slipped past your stringent quality controls.
I shall assume from here on in you’re using WordPress. If you’re using another content management system (cms), you will need something similar and so it is worth reading on and adapting to your own cms.
Keep an eye on the updates page. You will see it in the drop down menu under “Dashboard”, in the left hand column. If there are any updates, there will be an orange tag. Deal with these as soon as you spot them. Many updates contain fixes for known vulnerabilities, so if you don’t update, your site may be vulnerable.
WordPress warn you that an update can on occasion cause problems. So far, I haven’t found this. I have occasionally found the update suspends and doesn’t complete. When this has happened my host’s support were able to deal with the problem very quickly.
Almost everything else can be taken care of with plug-ins. I use the following:
- Back-up – there are several options and I use Updraftplus.
- Security – I use Wordfence – which seems to cover most security threats. You get occasional emails with advice about how to adjust your security settings to meet current threats.
- Anti-spam – WordPress includes Akismet as standard. It is free although it has an idiosyncratic approach to allowing you to use it for free. It seems to work reasonably well, allowing genuine comments through and filtering most of the spam. I have checked the spam it filters out and so far I haven’t found anything that shouldn’t be there. When it lets spam through, comments moderation captures it and so reduces your work controlling spam.