{"id":1554,"date":"2021-03-05T19:21:37","date_gmt":"2021-03-05T19:21:37","guid":{"rendered":"https:\/\/www.hostarmada.com\/blog\/?p=1554"},"modified":"2021-03-05T19:21:37","modified_gmt":"2021-03-05T19:21:37","slug":"wordpress-security-practices-in-2021","status":"publish","type":"post","link":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/","title":{"rendered":"WordPress Security: Best practices in 2021!"},"content":{"rendered":"\r\n<p>WordPress security practices change over time, while some remain consistent as the years go by, and then there are others that are brand new. This is all quite normal as our web hosting technology continually develops and innovates. Still, regardless of how securing a WordPress website was done in the past and how it will be in the future, <strong>HostArmada<\/strong> is here to present you with the best practices we&#8217;ve compiled for the year 2021.<br \/><br \/>Keep on reading, and you&#8217;ll see them all because taking chances with your website&#8217;s safety is strongly discouraged, and every little step taken to improve your WordPress security will pay off in the long run!<\/p>\r\n\r\n\r\n\r\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 ez-toc-wrap-right counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #565656;color:#565656\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #565656;color:#565656\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Strengthening_your_access_to_improve_WordPress_security\" >Strengthening your access to improve WordPress security<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#The_Administration_URL\" >The Administration URL<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Brute_force_protection\" >Brute force protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Stronger_Password_for_better_WordPress_Security\" >Stronger Password for better WordPress Security<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Users_Clean-up\" >Users Clean-up<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#WordPress_Maintenance_leads_to_increased_WordPress_Security\" >WordPress Maintenance leads to increased WordPress Security<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Keep_up_to_date\" >Keep up to date<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Upgrade_to_the_latest_PHP_version\" >Upgrade to the latest PHP version<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Backup_your_website_regularly\" >Backup your website regularly<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#WordPress_security_plugins\" >WordPress security plugins<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#Wrapping_things_up_for_WordPress_Security\" >Wrapping things up for WordPress Security<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Strengthening_your_access_to_improve_WordPress_security\"><\/span>Strengthening your access to improve WordPress security<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<div class=\"wp-block-image is-style-rounded\">\r\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" class=\"wp-image-1578\" src=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-1024x1024.jpg\" alt=\"\" width=\"534\" height=\"534\" srcset=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-1024x1024.jpg 1024w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-300x300.jpg 300w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-150x150.jpg 150w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-768x768.jpg 768w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-1536x1536.jpg 1536w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-2048x2048.jpg 2048w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-24x24.jpg 24w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-36x36.jpg 36w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Bus-25_Single-07-48x48.jpg 48w\" sizes=\"(max-width: 534px) 100vw, 534px\" \/><\/figure>\r\n<\/div>\r\n\r\n\r\n\r\n<p>We are starting off this blog post by diving deep into the various ways that you can enhance, improve and harden the WordPress security of your login area. <br \/><br \/><strong>These are the various categories that we suggest you focus on when doing just that:<\/strong><\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"The_Administration_URL\"><\/span>The Administration URL<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>By default, your WordPress will create the administration URL at <strong>\/wp-admin<\/strong>, and you would be accessing it, for example, through <strong>www.testsite.com\/wp-admin<\/strong>, which is quite acceptable in most cases. However, this is also a well-known spot for malicious people to locate when they would like to breach your WordPress security. That is why more steps have to be taken to ensure that the <strong>&#8220;door&#8221;<\/strong> to your WordPress inner workings remain securely locked to everyone that isn&#8217;t meant to have that kind of access. <br \/><br \/>To make sure that is no longer the case, you can begin by setting up a plugin on the website that will allow you to change where your Admin URL loads up on the browser. This will make it harder for anyone to gain access to your website that is attempting to force their way in. <br \/><br \/><strong>Here is one suggestion for a plugin like that:<\/strong> <em><a href=\"https:\/\/wordpress.org\/plugins\/wps-hide-login\/\" target=\"_blank\" rel=\"noreferrer noopener\">WPS Hide Login<\/a><\/em><br \/><br \/><em>WPS Hide Login<\/em> is a very light plugin that lets you easily and safely change the url of the login form page to anything you want. It doesn\u2019t literally rename or change the core files, nor does it add rewrite rules. It simply intercepts page requests and works on any WordPress website. The <strong>wp-admin<\/strong> directory and <strong>wp-login.php<\/strong> page become inaccessible, so you should bookmark or remember the url. Deactivating this plugin brings your site back exactly to the state it was before.<br \/><br \/>*<strong>Note:<\/strong> Be cautious about your choice and configuration, even of WordPress\u00a0security plugins. Some may have an impact on the performance of your website if not configured correctly.<br \/><br \/>With a plugin like this, you can alter your <strong>wp-admin<\/strong> to be more secure in the long run. For example, changing it from the default <strong>www.testsite.com\/wp-admin<\/strong> to <strong>www.testsite.com\/login<\/strong>.<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Brute_force_protection\"><\/span>Brute force protection<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>The most common method a hacker will attempt to overcome your WordPress security is through a method known as brute force attack. Let&#8217;s talk a little bit more about that before we tell you how best to avoid it, shall we?<\/p>\r\n\r\n\r\n\r\n<p>A brute force attack uses trial-and-error to guess login info, encryption keys or find a hidden web page. Hackers work through all possible combinations hoping to guess correctly. These attacks are made by <strong>&#8220;brute force&#8221;<\/strong>, meaning they use excessive forceful attempts to try and <strong>&#8220;force&#8221;<\/strong> their way into your private account(s).<\/p>\r\n\r\n\r\n\r\n<p>This is an old attack method, but it&#8217;s still effective and popular with hackers. Depending on the password&#8217;s length and complexity, cracking can take anywhere from a few seconds to many years.<br \/><br \/>Naturally, this kind of attack is to be avoided, and installing a plugin that can help resolve that issue in your WordPress security will be greatly beneficial to your website. <br \/><br \/>It is relevant to say here that <strong>HostArmada<\/strong> already provides you with Brute Force protection on all <a href=\"https:\/\/hostarmada.com\/cloud-ssd-shared-hosting\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cloud SSD Shared Web Hosting<\/a> solutions. <br \/><br \/><strong>Here is one suggestion for a plugin like that:<\/strong> <em><a href=\"https:\/\/fr.wordpress.org\/plugins\/wps-limit-login\/\" target=\"_blank\" rel=\"noreferrer noopener\">WPS Limit Login<\/a><\/em><br \/><br \/>Limit the number of login attempts that are possible both through the normal login as well as using the auth cookies. WordPress, by default, allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be cracked via brute-force relatively easily. <em>WPS Limit login<\/em> blocks an IP address from making further attempts after a specified limit on retries has been reached, rendering a brute-force attack difficult or impossible.<br \/><br \/><strong>*Note:<\/strong> Be cautious about your choice and configuration, even of WordPress security plugins. Some may have an impact on the performance of your website if not configured correctly.<br \/><br \/>Updating your login parameters just like that with the use of a plugin will help you defend against brute force attacks.<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Stronger_Password_for_better_WordPress_Security\"><\/span>Stronger Password for better WordPress Security<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>There isn&#8217;t much we would like to cover on this point of the topic, rather our aim is to continue to remind our clients and visitors that generating a secure password will go a long way in regards to improving the WordPress security of your website. <br \/><br \/>There are plenty of random password generator websites that you can use online to create a unique password to use for your website. This is <a href=\"https:\/\/passwordsgenerator.net\/\" target=\"_blank\" rel=\"noreferrer noopener\">one<\/a> that you can use!<\/p>\r\n\r\n\r\n\r\n<p><strong>To change your WordPress password in current versions:<\/strong><\/p>\r\n\r\n\r\n\r\n<p><strong>Step 1.<\/strong> In the Administration Screen menu, go to Users &gt; All Users.<br \/><strong>Step 2.<\/strong> Click on your username in the list to edit it.<br \/><strong>Step 3.<\/strong> In the Edit User screen, scroll down to the New Password section and click the Generate Password button.<br \/><strong>Step 4.<\/strong> If you want to change the automatically-generated password, you can overwrite it by typing a new password in the box provided. The strength box will show you how good <strong>(strong)<\/strong> your password is.<br \/><strong>Step 5.<\/strong> Click the Update User button.<br \/><br \/>Your new password becomes active immediately!<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Users_Clean-up\"><\/span>Users Clean-up<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>In some cases, WordPress can install a default user with the name: <strong>&#8220;admin&#8221;<\/strong>. This user has no impact on how your website functions or its performance. All the same, it is an easy target for hackers and malicious scripts seeking to find a way to get past your WordPress security. <br \/><br \/>So the best way to go around this, if you only have the <strong>&#8220;admin&#8221;<\/strong> username, is to create another user by going inside the WordPress Administration Screen menu and then to navigate to <strong>Users &gt; All Users<\/strong>. You can create your new username through there with its own unique name, password, and, let us not forget, admin privileges you need to set it up with!<br \/><br \/>When your new username is created and has been given admin privileges, you should use it to delete the <strong>&#8220;admin&#8221;<\/strong> username. While you are at it, you should also look into deleting any inactive or old usernames created for the staff or developers that malicious users could equally exploit.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"WordPress_Maintenance_leads_to_increased_WordPress_Security\"><\/span>WordPress Maintenance leads to increased WordPress Security<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<div class=\"wp-block-image is-style-rounded\">\r\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" class=\"wp-image-1581\" src=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-1024x683.jpg\" alt=\"\" width=\"489\" height=\"325\" srcset=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-1024x683.jpg 1024w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-300x200.jpg 300w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-768x512.jpg 768w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-1536x1024.jpg 1536w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-2048x1365.jpg 2048w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-24x16.jpg 24w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-36x24.jpg 36w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/19362653-48x32.jpg 48w\" sizes=\"(max-width: 489px) 100vw, 489px\" \/><\/figure>\r\n<\/div>\r\n\r\n\r\n\r\n<p>Maintaining your WordPress website is a constant, if not a daily process, that involves various activities, each contributing to the overall health and security of the site. <br \/><br \/>Are you curious to learn more about what WordPress maintenance you should focus on to find ways to boost your website&#8217;s safety? Then you should look no further than in the following categories. <br \/><br \/><strong>Here they are:<\/strong><\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Keep_up_to_date\"><\/span>Keep up to date<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>One of the leading causes of website performance issues and exploits for hackers and malicious scripts is an out-of-date plugin. That is why another fundamental way to harden your WordPress security is to always keep it up to date. This includes WordPress core files, plugins, and themes. These are updated for a reason, and a lot of times, these include security enhancements and bug fixes that are necessary for the health and security of your WordPress website. <br \/><br \/>More often than not, you can make sure that your separate WordPress components are updated through the automatic updater built in the WordPress admin area. Along with updating, it is essential to mention that you should also clean up any unused plugins you have. Suppose you see that one of these plugins hasn&#8217;t been updated in the last six months. In that case, you should immediately consider removing them because the risk for a security exploit raises the longer a plugin remains without an update to its version.<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Upgrade_to_the_latest_PHP_version\"><\/span>Upgrade to the latest PHP version<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>PHP is the backbone of your WordPress site and so using the latest version on your server is very important. Each major release of PHP is typically fully supported for two years after its release. During that time, bugs and security issues are fixed and patched regularly.<br \/><br \/>As of right now, <strong>HostArmada<\/strong> supports the latest PHP version, which is PHP 8. You can read more about that one and consider upgrading to it properly by following this other blog post that we have written about <strong><a href=\"https:\/\/www.hostarmada.com\/blog\/php-8-available-on-all-hostarmada-services\/\" target=\"_blank\" rel=\"noreferrer noopener\">PHP 8<\/a><\/strong>.<\/p>\r\n\r\n\r\n\r\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Backup_your_website_regularly\"><\/span>Backup your website regularly<span class=\"ez-toc-section-end\"><\/span><\/h3>\r\n\r\n\r\n\r\n<p>This is a crucial activity that every website admin should regularly do in any online project. Backing up your website content will ensure that if there is a mistake or if there has been something that has compromised your WordPress security, you will be able to fall back on the restoration of your website backup. That is how your website can return to how it was before any issues arose. Saving you time and the stress of having to fix any newfound issues manually and one-by-one. <br \/><br \/><strong>HostArmada<\/strong> provides daily backups on our all <a href=\"https:\/\/hostarmada.com\/cloud-ssd-shared-hosting\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cloud SSD Shared Web Hosting solutions.<\/a><\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"WordPress_security_plugins\"><\/span>WordPress security plugins<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<div class=\"wp-block-image\">\r\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" class=\"wp-image-1582\" src=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-1024x1024.jpg\" alt=\"\" width=\"464\" height=\"464\" srcset=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-1024x1024.jpg 1024w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-300x300.jpg 300w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-150x150.jpg 150w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-768x768.jpg 768w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-1536x1536.jpg 1536w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-2048x2048.jpg 2048w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-24x24.jpg 24w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-36x36.jpg 36w, https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/Wavy_Tech-20_Single-12-48x48.jpg 48w\" sizes=\"(max-width: 464px) 100vw, 464px\" \/><\/figure>\r\n<\/div>\r\n\r\n\r\n\r\n<p>Finally, you should strongly consider installing and activating some WordPress security plugins that will provide you with additional layers of security and ensure the safety of your website all the better. There are many great developers and companies out there that provide great solutions to help better protect your WordPress sites.<br \/><br \/><strong>Here are some honorable mentions:<\/strong> <br \/><br \/><a href=\"https:\/\/wordpress.org\/plugins\/sucuri-scanner\/\" target=\"_blank\" rel=\"noreferrer noopener\">Sucuri<\/a><br \/><a href=\"https:\/\/wordpress.org\/plugins\/better-wp-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">iThemes Security<\/a><br \/><a href=\"https:\/\/wordpress.org\/plugins\/wordfence\/\" target=\"_blank\" rel=\"noreferrer noopener\">WordFence<\/a><br \/><br \/>All our <a href=\"https:\/\/hostarmada.com\/cloud-ssd-shared-hosting\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cloud SSD Shared Web Hosting solutions<\/a> come with the Imunify360 security already built into them. As your web host, this means that we are taking the initiative to increase the security of your web hosting environment and your WordPress security as a whole.<\/p>\r\n\r\n\r\n\r\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Wrapping_things_up_for_WordPress_Security\"><\/span>Wrapping things up for WordPress Security<span class=\"ez-toc-section-end\"><\/span><\/h2>\r\n\r\n\r\n\r\n<p>You&#8217;ve made it successfully through till the end (or simply scrolled down without reading everything. It&#8217;s alright we won&#8217;t tell anyone!), so we hope that you&#8217;ve enjoyed our post regarding how to improve your WordPress security as a whole. As you can see there is more than one method to go about this kind of safety improvement and there are plenty of individual WordPress components that require further securing and customization to bring about the best results.<br \/><br \/>Once again we reach the part where we tell you that you are fully welcome to reach back to us at any time as our support team stands ready to assist you. If you have further questions about WordPress security or would like to find out more about what HostArmada already provides you, don&#8217;t be shy and get back to us about it!<\/p>\r\n","protected":false},"excerpt":{"rendered":"<p>WordPress security practices change over time, while some remain consistent as the years go by, and then there are others that are brand new. This is all quite normal as our web hosting technology continually develops and innovates. Still, regardless of how securing a WordPress website was done in the past and how it will [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":1587,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[24,30,32,36],"tags":[],"class_list":["post-1554","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-technical-tips","category-tips","category-wordpress"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>WordPress Security: Best practices in 2021! - HostArmada Blog<\/title>\n<meta name=\"description\" content=\"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress Security: Best practices in 2021!\" \/>\n<meta property=\"og:description\" content=\"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/\" \/>\n<meta property=\"og:site_name\" content=\"HostArmada Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-05T19:21:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Daniel Kirov\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Daniel Kirov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/\"},\"author\":{\"name\":\"Daniel Kirov\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#\\\/schema\\\/person\\\/2f4b1b844de7a85de7b151fdde689caf\"},\"headline\":\"WordPress Security: Best practices in 2021!\",\"datePublished\":\"2021-03-05T19:21:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/\"},\"wordCount\":1816,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/wordpress-security.png\",\"articleSection\":[\"Security\",\"Technical Tips\",\"Tips\",\"WordPress\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/\",\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/\",\"name\":\"WordPress Security: Best practices in 2021! - HostArmada Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/wordpress-security.png\",\"datePublished\":\"2021-03-05T19:21:37+00:00\",\"description\":\"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/wordpress-security.png\",\"contentUrl\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/03\\\/wordpress-security.png\",\"width\":1200,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wordpress-security-practices-in-2021\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"HostArmada Blog\",\"item\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Security: Best practices in 2021!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/\",\"name\":\"HostArmada Blog\",\"description\":\"HostArmada official blog. Useful web hosting related articles.\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#organization\",\"name\":\"HostArmada Blog\",\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/logo-png-300x43-1.png\",\"contentUrl\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/06\\\/logo-png-300x43-1.png\",\"width\":300,\"height\":44,\"caption\":\"HostArmada Blog\"},\"image\":{\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/#\\\/schema\\\/person\\\/2f4b1b844de7a85de7b151fdde689caf\",\"name\":\"Daniel Kirov\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g\",\"caption\":\"Daniel Kirov\"},\"description\":\"Daniel, our Content Manager, joined HostArmada with over five years of experience under his belt in the web hosting sector in various roles, including customer care, sales, and technical support. His passion for writing and communications and his experience makes him the ideal person for the job. He is devoted to spreading wisdom and knowledge about the web hosting sector so that both clients and colleagues can benefit greatly. In his words, serving and educating others is the way to mutual prosperity.\",\"sameAs\":[\"https:\\\/\\\/hostarmada.com\\\/\"],\"url\":\"https:\\\/\\\/www.hostarmada.com\\\/blog\\\/author\\\/daniel-kirov\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"WordPress Security: Best practices in 2021! - HostArmada Blog","description":"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/","og_locale":"en_US","og_type":"article","og_title":"WordPress Security: Best practices in 2021!","og_description":"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!","og_url":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/","og_site_name":"HostArmada Blog","article_published_time":"2021-03-05T19:21:37+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png","type":"image\/png"}],"author":"Daniel Kirov","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Daniel Kirov","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#article","isPartOf":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/"},"author":{"name":"Daniel Kirov","@id":"https:\/\/www.hostarmada.com\/blog\/#\/schema\/person\/2f4b1b844de7a85de7b151fdde689caf"},"headline":"WordPress Security: Best practices in 2021!","datePublished":"2021-03-05T19:21:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/"},"wordCount":1816,"commentCount":0,"publisher":{"@id":"https:\/\/www.hostarmada.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png","articleSection":["Security","Technical Tips","Tips","WordPress"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/","url":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/","name":"WordPress Security: Best practices in 2021! - HostArmada Blog","isPartOf":{"@id":"https:\/\/www.hostarmada.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#primaryimage"},"image":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#primaryimage"},"thumbnailUrl":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png","datePublished":"2021-03-05T19:21:37+00:00","description":"WordPress security tips and tricks from the HostArmada web hosting team. Are you securing your WordPress website in the best way? Find out!","breadcrumb":{"@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#primaryimage","url":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png","contentUrl":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2021\/03\/wordpress-security.png","width":1200,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/www.hostarmada.com\/blog\/wordpress-security-practices-in-2021\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"HostArmada Blog","item":"https:\/\/www.hostarmada.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Security: Best practices in 2021!"}]},{"@type":"WebSite","@id":"https:\/\/www.hostarmada.com\/blog\/#website","url":"https:\/\/www.hostarmada.com\/blog\/","name":"HostArmada Blog","description":"HostArmada official blog. Useful web hosting related articles.","publisher":{"@id":"https:\/\/www.hostarmada.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.hostarmada.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.hostarmada.com\/blog\/#organization","name":"HostArmada Blog","url":"https:\/\/www.hostarmada.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.hostarmada.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2022\/06\/logo-png-300x43-1.png","contentUrl":"https:\/\/www.hostarmada.com\/blog\/wp-content\/uploads\/2022\/06\/logo-png-300x43-1.png","width":300,"height":44,"caption":"HostArmada Blog"},"image":{"@id":"https:\/\/www.hostarmada.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.hostarmada.com\/blog\/#\/schema\/person\/2f4b1b844de7a85de7b151fdde689caf","name":"Daniel Kirov","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0bf31156b99a25e66d0b89d80725c9b68e117a1720d59983438f892ab14585dd?s=96&d=mm&r=g","caption":"Daniel Kirov"},"description":"Daniel, our Content Manager, joined HostArmada with over five years of experience under his belt in the web hosting sector in various roles, including customer care, sales, and technical support. His passion for writing and communications and his experience makes him the ideal person for the job. He is devoted to spreading wisdom and knowledge about the web hosting sector so that both clients and colleagues can benefit greatly. In his words, serving and educating others is the way to mutual prosperity.","sameAs":["https:\/\/hostarmada.com\/"],"url":"https:\/\/www.hostarmada.com\/blog\/author\/daniel-kirov\/"}]}},"_links":{"self":[{"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/posts\/1554","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/comments?post=1554"}],"version-history":[{"count":26,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/posts\/1554\/revisions"}],"predecessor-version":[{"id":1588,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/posts\/1554\/revisions\/1588"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/media\/1587"}],"wp:attachment":[{"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/media?parent=1554"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/categories?post=1554"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostarmada.com\/blog\/wp-json\/wp\/v2\/tags?post=1554"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}