How We Keep our WordPress Websites Secure

Claire
Posted by

WordPress is the dominant Content Management System (CMS) and currently powers an astounding 28% of the web. This is due to its flexibility, ease of use, security as well as being a great SEO platform. To get the most out of this power-house CMS, you need to know how to secure it and how to keep it up to date.

Keep your website version up to date

It is critical to update your WordPress website as soon as a new release becomes available (check the latest version here). As part of our standard client service here at Moove, we ensure that all of our client sites are updated as soon as a new WordPress release becomes available, particularly important security patch releases.

We have a wide range of sources to keep our knowledge up to date including alerts from security sources such as Securi and we are always looking to fully utilise all of the tech platforms that we use as a team to keep everyone up to date and informed. Recently, one of our superstar Developers created a nifty little integration with our communication tool Slack to ensure that the whole team receives up to the minute notifications when new WordPress updates become available. You can read more about how we did this in this post.

Keep your knowledge up to date

As well as subscribing to security news, we recently attended a security seminar hosted by AppCheck where they presented real-time security scenarios, performed website penetration techniques and highlighted how to prevent malicious hacks. The insights and advice were very useful and it was interesting to learn more about preventing security breaches such as [tweet_dis excerpt=”SQL injections are still the #1 source of data breaches and have remained in top 10 OWASP list since 1988. ” sc_id=”sc1″]SQL injections – which are still the number one source of data breaches and have remained in top 10 OWASP (The Open Web Application Security Project) list since 1988.[/tweet_dis]

In staying up to date with the latest in security advice, we give our clients peace of mind as we ensure that we build our sites according to best-practice. We implement security standards such as HTTPS, two-factor authentication, IP Whitelists, strong passwords and we limit the use of plugins – only using the most popular, well-supported and robust plugins. We also work in partnership with managed hosting providers WP Engine to provide our clients with a very secure hosting environment, you can read more about WP Engine’s security environment here.

If you would like to discuss how to keep your website secure then please get in touch with us.

Let's connect