Five More Tips to Secure Your WordPress Site this 2016

Published: Sep 24, 2016

In the advent of modern-day technology, security measures to keep sensitive information protected have evolved. However, cybersecurity threats are evolving at the same rate. In order to keep your website protected from such threats, you will need to update and improve your security features regularly. You must never get left behind to stay on top of the game!


In 2012, Fearless Flyer has introduced five important steps in securing a WordPress blog. They are:

  1. Create secure passwords
  2. Delete the default admin user
  3. Hide the WordPress version you are using
  4. Keep you WordPress updated
  5. Do not ever use “wp_” for the database table prefix

True enough, these tips are helpful in keeping a WordPress website secured from threats that were prevalent at that time. Even by now in 2016, these Fearless Flyer tips can still you help you in maintaining a significant level of security for your WordPress site but in order to keep in with the threats of today, you must also employ modern measures.

The following tips can help you repel the threats on cybersecurity this 2016 against WordPress sites:

1) Minimize plugin use.

Plugins are great. WordPress is known for being customizable with several themes and plugins. However, to help keep your WordPress site safe and secured, you must consider limiting your use of such plugins.

Keep you WordPress site light and easy to load, and just focus on keeping your site protected. Dan Norris, co-founder of WordPress website support service WP Curve, recommends 20 to be a good number. It’s an endless debate if too many plugins can break or won’t break your website. Plugins can cause website crashes, decline on page speed and site performance, security breaches, and so on.

Remember that you should scrutinize every plugin before you install it to your website. Security firm Sucuri has found out that a quarter of all hacked WP sites were compromised due to some plugin use.

2) Don’t download premium plugins for “free”.

Do not fall victim to offers of premium plugins that you can get free of charge. Clicking on them might just expose your WordPress site to risks of being breached.

Hackers usually bait unsuspecting website administrators and owners by deceiving them that they will be given premium plugins free of charge. Yet actually, the goal is that the hacker will be given access to the website thanks to the plugin installed.

So the next time you see offers like that, automatically consider that it’s a trap!

3) Opt for automatic core updates.

Core updates are vital updates to your WordPress version which entails changes to the program itself. Core updates include maintenance and security updates that are essential in keeping your WordPress site secured.

It is recommended that you put core updates on the automatic update option. By doing so, you will never get left behind on WordPress security. Get the latest update and keep your website protected as soon as updates become available.

Plugins should also be updated. Remember the Panama Papers leak? Experts say that the breach started at one outdated plugin, the Revolutional Slider.

4) Harden your WordPress site using .htaccess

.htaccess is a configuration file which makes possible the configuration changes to all documents in a directory basis. It is also a great tool in keeping your WordPress protected.

.htaccess can help protect your WordPress Admin area by providing a limit to the access of the site for a selected IP addresses only. .htaccess can also  password-protect your WordPress Admin folder. And in relation to your sensitive files and documents, .htaccess can disable browsing of our directories.

There’s a lot you can do with .htaccess for your WordPress site. Indeed, .htaccess is a powerful tool to keep your site secured. wpmudev has created a comprehensive guide to editing .htaccess for WordPress Security.

5) Go for the best web hosting provider within your budget.

In putting up a website, hosting should be one of your biggest concerns. You should select a web hosting service that can offer the best features for you. Sure, price is a consideration, but you should look into what the hosting package provides you. You should be looking into the value for your money and not only on the price.

Speaking of the best hosting – try out Bluehost for your WordPress websites.

In selecting a WordPress hosting service, choose one that offers you your needed features, provides support, and offers security. There are very affordable hosting out there but not all can provide the features you require, nor are they the safest choice. Dig further into the hosting service’s promise, and thoroughly assess your choices.

You will shell out money no matter what. It’s just a matter of choosing the one that you won’t regret. So to help keep your WordPress site safe, pick the best hosting service that fits in your budget!


To really keep your WordPress site protected, using SSL is necessary. SSL provides for an encrypted connection between the web server and the web browser. In this way, data and information that passes through this secured connection are protected and even if a hacker successfully infiltrate your site, all he would be able to see is a bunch of unintelligible texts.

SSL can truly help in keeping your WordPress site’s security intact so you should really give this bonus tip a go!

Keep your websites safe with these tips!

Again, Fearless Flyer’s tips are still helpful four years thereafter. But to fully repel modern-day cybersecurity threats, employing our tips above will give you an even safer WordPress site.

So again, to keep you WordPress site protected against 2016 threats:

  • 1) Cut Back on Plugin Use
  • 2) Don’t Download Premium Plugins for Free
  • 3) Consider Automatic Core Updates
  • 4) Protect Your Most Pertinent Files Using .htaccess
  • 5) Pick the Best Hosting You Can Afford.
And of course…install SSL certificates!

With these six tips, we hope that we have help you in keeping your WordPress site safe and secure against the threats that modernization brings. Sooner or later, there will be additional ways to keep your WordPress site safer, but for now, these six tips are the best tips that you can follow. Cheers to a secured WordPress site!

Alex is a security writer for a global security provider. Having an SSL certificate means your site will enjoy the highest security levels and you’ll also receive additional tools that will win customer trust and increase sales conversions.