{"id":12871,"date":"2016-04-20T11:18:33","date_gmt":"2016-04-20T09:18:33","guid":{"rendered":"https:\/\/hetzner.co.za\/help-centre\/?p=12871"},"modified":"2025-03-17T16:08:38","modified_gmt":"2025-03-17T14:08:38","slug":"wp-security","status":"publish","type":"post","link":"https:\/\/xneelo.co.za\/help-centre\/website\/wp-security\/","title":{"rendered":"WordPress security tips"},"content":{"rendered":"<p><span style=\"font-weight: 400;\"><a href=\"https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_.png\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-12889 size-thumbnail alignleft\" src=\"https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_-150x150.png\" alt=\"WordPress_blue_logo.svg\" width=\"150\" height=\"150\" srcset=\"https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_-150x150.png 150w, https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_-300x300.png 300w, https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_.png 1024w, https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_-768x768.png 768w\" sizes=\"auto, (max-width: 150px) 100vw, 150px\" \/><\/a>We are responsible for the server administration and network security, while you are responsible for the administration and WordPress security of your website.<\/span><\/p>\n<p><b>The popularity of WordPress (WP) makes it an appealing target for intruders. Outdated versions of WordPress installations, themes &amp; plugins could result in your website being attacked. <\/b><span style=\"font-weight: 400;\">Vulnerabilities make\u00a0your website susceptible to intrusions from outsiders with malicious intent.<\/span><b> <\/b><\/p>\n<p>If you don\u2019t take care of vulnerabilities, your online business may lose credibility.<\/p>\n<h2>Security tips:<\/h2>\n<h2><span style=\"font-weight: 400;\">Keep your site updated<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">When a security vulnerability becomes known, it is quickly fixed and an update is released by the WordPress community. Older versions of WP are not maintained with WordPress security updates.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><strong>Update<\/strong> to the <a href=\"https:\/\/wordpress.org\/download\" target=\"_blank\" rel=\"noopener noreferrer\">latest version of WordPress<\/a><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Carefully choose which themes and plugins you download <\/span><\/h2>\n<p><span style=\"font-weight: 400;\">It only takes one theme or one plugin to make your website vulnerable.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><strong>Update<\/strong> your plugins<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><strong>Delete<\/strong> unused plugins<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Don\u2019t use <strong>unverified<\/strong>\u00a0plugins and\/or themes.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Use a strong password<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">A strong password protects your website content and prevents intruders from gaining access to your admin account\u00a0to compromise your entire website. Many potential vulnerabilities can be avoided with a strong password. <\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Use strong\u00a0<strong>FTP<\/strong> passwords, <strong>WordPress login<\/strong> passwords and <strong>database<\/strong> passwords.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Should your domain be compromised, it\u2019s advisable you <strong>change all passwords<\/strong> relating to that domain.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Use security applications<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">These applications provide <strong>pro-active security<\/strong>. They scan your WordPress site for vulnerabilities and inform you if any are found. They can block\u00a0incorrect log-ins, notify you of new edits, and warn you when your site is vulnerable to attacks:<\/span><\/p>\n<ul>\n<li>We recommend <a href=\"https:\/\/xneelo.co.za\/cloudbric\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cloudbric WAF<\/a>.<\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\u00a0Install a trusted security plugin, such as <a href=\"https:\/\/wordpress.org\/plugins\/wordfence\/\" target=\"_blank\" rel=\"noopener noreferrer\">WordFence<\/a>. Use the plugin user ratings as a guide.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Avoid using default configurations<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Changing your default settings adds another thin layer of protection against intruders. The default WordPress login is \u201c<strong>admin<\/strong>\u201d and most intruders know this.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Delete the <strong>default admin<\/strong> and create a new <strong>custom login<\/strong>.<\/span><\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">Make backups<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Before you delete anything, make a <strong>full backup<\/strong> of your site. <a href=\"https:\/\/xneelo.co.za\/help-centre\/website\/xneelo-doesnt-guarantee-backups\/\" target=\"_blank\" rel=\"noopener noreferrer\">Our backups<\/a> are only intended for disaster recovery purposes.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\"><strong>Schedule<\/strong> regular backups<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Backup your data on <strong>read-only<\/strong> media, to ensure your data has not been tampered with.<\/span><\/li>\n<\/ul>\n","protected":false,"plain":"<span ><a href=\"https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_.png\"><img class=\"wp-image-12889 size-thumbnail alignleft\" src=\"https:\/\/xneelo.co.za\/help-centre\/wp-content\/uploads\/2016\/04\/WordPress_blue_logo.svg_-150x150.png\" alt=\"WordPress_blue_logo.svg\" width=\"150\" height=\"150\" \/><\/a>We are responsible for the server administration and network security, while you are responsible for the administration and WordPress security of your website.<\/span>\r\n\r\n<b>The popularity of WordPress (WP) makes it an appealing target for intruders. Outdated versions of WordPress installations, themes &amp; plugins could result in your website being attacked. <\/b><span >Vulnerabilities make\u00a0your website susceptible to intrusions from outsiders with malicious intent.<\/span><b> <\/b>\r\n\r\nIf you don\u2019t take care of vulnerabilities, your online business may lose credibility.\r\n<h2>Security tips:<\/h2>\r\n<h2><span >Keep your site updated<\/span><\/h2>\r\n<span >When a security vulnerability becomes known, it is quickly fixed and an update is released by the WordPress community. Older versions of WP are not maintained with WordPress security updates.<\/span>\r\n<ul>\r\n \t<li ><strong>Update<\/strong> to the <a href=\"https:\/\/wordpress.org\/download\" target=\"_blank\" rel=\"noopener noreferrer\">latest version of WordPress<\/a><\/li>\r\n<\/ul>\r\n<h2><span >Carefully choose which themes and plugins you download <\/span><\/h2>\r\n<span >It only takes one theme or one plugin to make your website vulnerable.<\/span>\r\n<ul>\r\n \t<li ><span ><strong>Update<\/strong> your plugins<\/span><\/li>\r\n \t<li ><span ><strong>Delete<\/strong> unused plugins<\/span><\/li>\r\n \t<li ><span >Don\u2019t use <strong>unverified<\/strong>\u00a0plugins and\/or themes.<\/span><\/li>\r\n<\/ul>\r\n<h2><span >Use a strong password<\/span><\/h2>\r\n<span >A strong password protects your website content and prevents intruders from gaining access to your admin account\u00a0to compromise your entire website. Many potential vulnerabilities can be avoided with a strong password. <\/span>\r\n<ul>\r\n \t<li ><span >Use strong\u00a0<strong>FTP<\/strong> passwords, <strong>WordPress login<\/strong> passwords and <strong>database<\/strong> passwords.<\/span><\/li>\r\n \t<li ><span >Should your domain be compromised, it\u2019s advisable you <strong>change all passwords<\/strong> relating to that domain.<\/span><\/li>\r\n<\/ul>\r\n<h2><span >Use security applications<\/span><\/h2>\r\n<span >These applications provide <strong>pro-active security<\/strong>. They scan your WordPress site for vulnerabilities and inform you if any are found. They can block\u00a0incorrect log-ins, notify you of new edits, and warn you when your site is vulnerable to attacks:<\/span>\r\n<ul>\r\n \t<li>We recommend <a href=\"https:\/\/xneelo.co.za\/cloudbric\/\" target=\"_blank\" rel=\"noopener noreferrer\">Cloudbric WAF<\/a>.<\/li>\r\n \t<li ><span >\u00a0Install a trusted security plugin, such as <a href=\"https:\/\/wordpress.org\/plugins\/wordfence\/\" target=\"_blank\" rel=\"noopener noreferrer\">WordFence<\/a>. Use the plugin user ratings as a guide.<\/span><\/li>\r\n<\/ul>\r\n<h2><span >Avoid using default configurations<\/span><\/h2>\r\n<span >Changing your default settings adds another thin layer of protection against intruders. The default WordPress login is \u201c<strong>admin<\/strong>\u201d and most intruders know this.<\/span>\r\n<ul>\r\n \t<li ><span >Delete the <strong>default admin<\/strong> and create a new <strong>custom login<\/strong>.<\/span><\/li>\r\n<\/ul>\r\n<h2><span >Make backups<\/span><\/h2>\r\n<span >Before you delete anything, make a <strong>full backup<\/strong> of your site. <a href=\"https:\/\/xneelo.co.za\/help-centre\/website\/xneelo-doesnt-guarantee-backups\/\" target=\"_blank\" rel=\"noopener noreferrer\">Our backups<\/a> are only intended for disaster recovery purposes.<\/span>\r\n<ul>\r\n \t<li ><span ><strong>Schedule<\/strong> regular backups<\/span><\/li>\r\n \t<li ><span >Backup your data on <strong>read-only<\/strong> media, to ensure your data has not been tampered with.<\/span><\/li>\r\n<\/ul>"},"excerpt":{"rendered":"<p>Follow our WordPress security tips so that you can secure your WordPress website against vulnerabilities, e.g. weak permissions, weak passwords etc.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"lsx_disable_title":"0","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","footnotes":""},"categories":[779,166],"tags":[477,479,481],"topics":[10377,10371],"class_list":["post-12871","post","type-post","status-publish","format-standard","hentry","category-wordpress","category-website","tag-wordpress-security","tag-security","tag-wp-security","topics-website-security","topics-wordpress"],"acf":[],"additional_meta":{"category_title":[{"term_id":779,"name":"WordPress","slug":"wordpress","term_group":0,"term_taxonomy_id":779,"taxonomy":"category","description":"","parent":166,"count":14,"filter":"raw","term_order":"48","cat_ID":779,"category_count":14,"category_description":"","cat_name":"WordPress","category_nicename":"wordpress","category_parent":166},{"term_id":166,"name":"Website","slug":"website","term_group":0,"term_taxonomy_id":166,"taxonomy":"category","description":"About your Website(s)","parent":0,"count":169,"filter":"raw","term_order":"120","cat_ID":166,"category_count":169,"category_description":"About your Website(s)","cat_name":"Website","category_nicename":"website","category_parent":0}],"tag_title":[{"term_id":477,"name":"wordpress security","slug":"wordpress-security","term_group":0,"term_taxonomy_id":477,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw","term_order":"2634"},{"term_id":479,"name":"security","slug":"security","term_group":0,"term_taxonomy_id":479,"taxonomy":"post_tag","description":"","parent":0,"count":5,"filter":"raw","term_order":"2660"},{"term_id":481,"name":"wp security","slug":"wp-security","term_group":0,"term_taxonomy_id":481,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw","term_order":"2686"}]},"featured_image_src":null,"author_info":{"display_name":"support","author_link":"https:\/\/xneelo.co.za\/help-centre\/author\/support\/","author_avatar":"https:\/\/secure.gravatar.com\/avatar\/9ac2347bed4a2a225e4de39bbfc0a998c17d8524895677ad53dd1db11aaa79f4?s=96&d=mm&r=g"},"_links":{"self":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts\/12871","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/comments?post=12871"}],"version-history":[{"count":0,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/posts\/12871\/revisions"}],"wp:attachment":[{"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/media?parent=12871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/categories?post=12871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/tags?post=12871"},{"taxonomy":"topics","embeddable":true,"href":"https:\/\/xneelo.co.za\/help-centre\/wp-json\/wp\/v2\/topics?post=12871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}