Si desea crear un sitio Web que mantenga a los visitantes regresando, deberá dedicar una cantidad significativa de tiempo y seguramente dinero a la compañía. Luego de todo, lo último que querrás es ver tu sitio comprometido o pirateado. En pocas palabras, asegurar la seguridad de su sitio debe ser una prioridad máxima, tanto durante su desarrollo como posteriormente.
Fortunately, WordPress hace que el trabajo de proteger su sitio be relativamente fácil. Hay una serie de pasos simples que puede seguir, junto con una gran cantidad de complementos confiables que puede usar que brindan características de seguridad más avanzadas. En general, apuntalar su sitio requerirá sorprendentemente poco esfuerzo y probablemente obtendrá los beneficios a largo plazo.
To begin, we are going to explain five vital tips to strengthen the security of your WordPress site. Let's start with the basics!
1. Back up your site regularly
Maintaining a backup of your site is simple with a plugin like UpdraftPlus.
It is important to start by recognizing that no matter what you do to protect your site, there is always the possibility that something will go wrong. Finally, no security measures can provide protection for the 100%, so it is vital to keep a backup of your site. That way, if a disaster strikes, you have a way to recover.
Al mismo tiempo es muy recomendable hacer una copia de seguridad de su sitio antes de realizar cambios importantes, razón por la cual abordamos este consejo primero. La mayoría de las sugerencias a continuación implican instalar complementos y modificar la información del Username, y querrá crear una copia de seguridad antes de llevar a la práctica cualquiera de ellos.
To get started, check with your hosting provider as they may already create backups for you. If not, or for added security, consider installing an appropriate security plug-in. We recommend UpdraftPlus for its ease of use and reliability. Regardless of the solution you choose, put your site backups on a regular schedule and keep them in a safe place.
2. Keep WordPress core, themes and plugins up to date
Your dashboard will notify you when important updates are available.
Del mismo modo que con las copias de seguridad, es imprescindible actualizar su sitio con regularidad. WordPress es un target principal para los piratas informáticos dada su popularidad, y habitualmente aparecen nuevas amenazas de seguridad. Por suerte, WordPress se toma muy en serio estas amenazas al lanzar e instalar de forma automática frequent security updates.
Choosing WordPress as your preferred platform means you're already starting off on the right foot. Regardless, it is important to ensure that every part of your site is up to date. Major WordPress updates will require manual intervention as they usually make significant changes, and the same goes for installed plugins and themes. Luckily making these updates is a simple process, just remember to back up your site first!
3. Select a "secure" username and password.
WordPress can help you create strong, hard-to-hack passwords.
When creating a username and password to log into an important service, you'll want to select hard-to-guess credentials. The same principle holds true for your WordPress website. If a person (or bot) can have access to your account, they will have free rein regarding your site and its data.
At the same time it is tempting to stick to the default settings management username, but we strongly recommend that you don't. After all, it's the first thing hackers will guess if they want to crack your password. Instead, choose a username that is difficult to predict or use an email address instead. As for your password, the simplest solution is to use WordPress' built-in password generator, which will provide you with something random and secure.
If you haven't created your WordPress site yet, you can simply try these tips when installing. Regardless, if you already have a site and regret the credentials you chose, don't worry. You can Reset your password and change your username whenever you want.
4. Limit third-party access to your website
It is important to carefully consider the permissions you grant to other users.
There is a concept of information security called 'principle of least privilege', which states that you should never give a user or program more access than necessary. This is a basic but crucial consideration, as it is the best way to limit the potential for security breaches and information misuse.
Limiting access is vital when there are many different users accessing your site. Regardless, it plays a role even if you are the only one running the program, as it applies to plug-in access at the same time. Luckily, there are some simple steps you can take to limit third-party access:
- Only grant users the permissions they need. As an example, don't give admin access to someone who just needs to write posts.
- Likewise, only provide plugins and themes access to your site when you really need them, and make sure they are reliable and secure.
- Remove user access for those who no longer need it, and remove themes and plugins when you stop using them.
- Set your folder and file permissions carefully.
Plugins and themes are immensely useful tools, and it can be great to have a team help you with your site. Just make sure you ultimately control who can access and use your site and your data.
5. Install a comprehensive security plugin
Plugins like Wordfence Security It can provide you with a number of vital functions.
We have already mentioned a couple of plugins that perform specific tasks associated with security. Regardless, there are other comprehensive options available that will cover most of your site's security needs. They can be a real time saver and if you choose one that is well backed it will be updated regularly to handle new threats and concerns.
Anyway, when looking for a security plugin, it is crucial to choose one that is trustworthy and trustworthy. Look for one with great user ratings and positive reviews, check how often it updates, and consider the amount of support the developer provides.
You can find many security plugins by searching the WordPress Plugin Directory. Regardless, if you're not sure which one to choose, we recommend Wordfence Security. Podría decirse que es el complemento de seguridad de WordPress más popular y ofrece opciones de seguridad básicas, un firewall y otras funciones de bloqueo. Al mismo tiempo posibilita la autenticación de dos factores, así como el escaneo y el monitoreo regulares de su sitio, datos y traffic.
If Wordfence does not have everything you are looking for, at the same time you can choose for alternatives such as IThemes Security (which at the same time creates regular backups) and Sucuri Security (que monitorea y registra todo lo que sucede en su sitio). Independientemente del complemento que elija, una búsqueda rápida en el buscador de Google debería mostrar una serie de tutoriales para comenzar.
Respaldar su seguridad no es la parte más emocionante de la creación de un sitio web de WordPress, pero su relevance no debe subestimarse. Cuanto más pensamiento y esfuerzo ponga en la seguridad de su sitio, menos probabilidades tendrá de encontrarse con un desastre. Dar algunos pasos básicos ahora para proteger su sitio le brindará una tranquilidad bien merecida más adelante.
Have a question about keeping your WordPress site safe? Let us know in the comment section!
