WordPressSecurity

Lets take a realistic look at security in WordPress.  The question is “How safe and secure is WordPress?”  Lets answer this question.

First, if you want to make a banking website, or one that processes credit card information, or an e-commerce site, and are considering WordPress, you are probably looking in the wrong direction.  But not so fast.  Let’s not rush into that decision.

Remember in previous discussions, I talked about the “modular” nature of WordPress.  That very nature does not necessarily rule out WordPress as being a part of the total solution.  WordPress can be used for certain aspects of the total website solution.  But when it comes to e-commerce, credit card processing, or high security where the protection of information is critical, I would link WordPress to another module to handle those high-security transactions.  A good example is how an-e-commerce site might link to PayPal™ to handle the payment aspects of the transaction.  An e-commerce “module” can easily be implemented alongside WordPress, and the e-commerce module can be linked to PayPal™ to process the payments.  Just like in building, you need the right tool for the job.

Lets look at overall website security in WordPress.

Remember previously that I told you that WordPress is “OpenSource”.  That strength is also a weakness.  Consider this.  The largest banks, retail chains and even the government websites get hacked.  If somebody wants in badly enough, there are ways to get in.  Nothing is 100% secure.  Ever.  The OpenSource nature of WordPress means that the code is open for viewing, and in the hands of malicious individuals, could be used for less than positive purposes.  The same is true for the PlugIns that are at the core of the beauty of WordPress.  This is the hard, cold truth.  But this is not just WordPress.  It is every piece of software out there.  So where does that leave us.

It leaves us with due diligence.  Here are the basic strategies that are at the core of AKOR Services value-added services when developing WordPress websites.

  • Use best-practices for website security within budget and scope of website.
  • Stay current on all updates for WordPress, Themes and installed PlugIns.
  • Install and configure a strong firewall.
  • Don’t leave unused Themes or PlugIns installed.
  • Extensively modify Administration options, tightening security to only allow used options for the specific website.
  • Login and password security at the hosting, email and WordPress levels
  • Filtering for e-mail (if contracted)
  • Implement other security measures as needed.
  • and the list goes on and on.

Bottom line, your new WordPress website will be sufficiently secure based on your needs.

Security is a two-edged sword.  It can be tightened down so much that the web site is not fun or usable, and the search engines such as Google, Bing and Yahoo won’t find your site.  Isn’t that the goal?  For your website to show up on the search engines, and more importantly, for new customers to find you?  It is a fine balancing act.  I can assure you that hackers WILL try and hack your website.  But when we implement these security measures, your website should withstand the attacks.

 

Next Article                    Menu

© AKOR Services, 2015, All Rights Reserved