Top 5 Common – WordPress Mistakes to Avoidgozen
WordPress is among the most popular CMS’s around the world (if not the most popular now) and that it’s not any big surprise since WordPress started as an easy to use blog platform and has become an evolutionary CMS…focused on user-friendly …both admins and readers.
…but and here’s what happens when everything is super easy for you, the Webmaster…unfortunately you forget some of the most simple security measures, in order to keep your WordPress safe and your readers happier.
We’ve gathered five of the most common mistakes (don’t do it) among a few hundredths of WordPress based websites we host on our servers here on GOZEN Host and we hope that this list will help others also avoid same mistakes.
You are using “admin” as your user login
You know already and if not you are among the minority that “admin” user is hackers most favorite user, especially when it comes to Brute Force attacks. Well, back in the old times when WordPress started, they had “admin” as the default Administrator User and one had to go to settings, create a new user, assign Administrator rights to this user and then remove or downgrade “admin” user in order to avoid this problem.
Now, WordPress during the installation process, allows you to have any username you like… so please people, forget the user “admin” it’s the first one they are going to try when it’s about abusing your site.
Solution: If your user login is “admin,” then you need to change it immediately. There are a number of ways to do it, but the easiest is to just create a new user, assign admin rights to the new user and then delete the admin username and re-attribute posts to your new user.
You’re Not Keeping Up with Updates
WordPress releases new versions on a regular basis. It’s currently on 4.3.x, but I’m certain the next version is not far away. WordPress is open source and allows many contributors to help keep the platform stable….at the same time, people find very easy to look into WordPress code and search for vulnerabilities
And last but not least, you need to keep your plugins and add-ons updated, many security issues rise every single hour, so keeping your WordPress Plugins updated is mandatory and quite easy now that JetPack can handle that on your behalf…once you configure this feature on it.
You are not backing up
Well, even though with GOZEN Business Hosting you are in safe hands, we can’t promise 100% protection from your own updates or when you are with another host…
Before any major updates, you need to initiate a full backup so in case something goes wrong, you can revert any changes in no time, our support is always there to help you as per request.
Action: Backing up your site is easy and necessary. There are a variety of plugins that actually work. We recommend trying out UpdraftPlus. These plugins (you may find more in WordPress, free or commercial) backup your site on a regular basis, allowing you to keep attention focused on more important things.
You do not optimize your images
Considering the human brain can process information in an image faster than text, it’s no wonder sites are now using a lot of images. This is both good and bad.
We all love images!And a striking image can have lasting effects on your visitors, but there are just a few things you need to take into consideration when you upload an image to your site, one is the fact that not everyone has a great speed your Internet Provider has, second, and this is even more important, they might be using their mobile phone or tablet to access your website and your images are killing their data pack. Keep in mind that mobile usage increases day by day and your audience most probably uses its mobile device to access your site.
We see a lot of people using twice as big images than their WordPress theme supports and even though WordPress will shrink down their image to make it fit, site owners should only upload images up to the size their theme can handle.
You Have a Lack of Site Security
WordPress itself is relatively secure, but when you add plugins to your site, your site’s security is compromised. Plugins are great, but not everyone is coded properly or secure, unfortunately.
Site security should be established at the onset of setting up your site. Do this by making sure you have a plugin that locks down the login page.
WordFence locks your login page and you can either use the free or the paid version, while Sucuri allows you to harden your WordPress Installation by making sure hackers can’t use backdoors to manipulate your site.
Action: Use a security plugin and a secure host like GOZEN Host, once you got that, you are definitely in good hands.
WordPress and all the possibilities it provides can sometimes seem a bit overwhelming for web beginners, but it is a user-friendly platform and when someone shows you the ropes, it becomes very simple and easy to use. If you wish to learn more about WordPress and what you can do to improve your online presence, check out our blog posts regularily!