WordPress security checklist

Here is a simple checklist for WordPress owners and publishers. WordPress is one of the most popular website platforms due to its ease of use; however, it has its problems, and it is due to its popularity that hackers use this platform to try and inject their malware and malicious scripts. WordPress security has become essential nowadays to protect not only your website but also your brand reputation.

unknown infections

Often WordPress owners are unaware that their website has been hacked. Just because your website has been hacked does not necessarily mean that you will see a strange image when you access your website. Hackers often disguise the fact that they have hacked into your site as they have injected a mail bot and are sending spam from your IP address.

Use our checklist to learn the basics of good WordPress security

one. Clean and remove spyware, malware and viruses from your PC/Mac before entering the backend of your WordPress installation

two. Backup of your website before doing anything, this is easily done with the use of Backup Buddy.

3. Never use ‘admin’ as username.

Four. Always use a strong password.

5. Stay updated – Make sure your WordPress installation and WordPress plugins are always up to date. Check out the latest WP security updates in the resources section below.

6. Limit of login attempts – Make sure to reduce the login attempts to around 3 attempts. Don’t make it easy for hackers.

7. Remove unwanted WordPress themes – When themes are still on your website and become outdated, hackers use them to gain access. Just have the theme you are using installed and keep it up to date.

8. Spring cleaning – Your WordPress website may have other folders in the root of your server. Do you really need them or are they areas of development? If you don’t need the folders, delete them.

9. Your Hosting Company – Make sure you are using a hosting company that specializes in WordPress installations. WordPress servers need special attention to protect your website.

10 Double Layer Authentication – Use an extra layer of security.


While the checklist above is not an exhaustive list, it is a basic level of security. Protection is the beginning of the process, it is important to monitor your website daily. We realize that many website owners simply don’t have the time or knowledge, which is why we provide 3 services which can be found in the resources section below.

We hope you have found this checklist helpful.

Leave a Reply

Your email address will not be published. Required fields are marked *