Flickr Page Twitter PageFacebook Page RSS Feed Call us on: (+233) 268858882

A Quick Guide to Protecting Your WordPress Powered Website


It was a pleasure working with Okyere, every step of the way he provided strong sense of direction that made our web site matching online brand for our services. Tony Quaye, NDK Financial Services Ltd


WordPress is now the open-source CMS of choice.  But like any web platform, it isn’t perfect.  The responsibility for keeping the installation secure falls solely to you, not to a faraway company.

As a designer, I am occasionally asked to peek “under the bonnet” of other WordPress sites, and I tend to go pale when I see a site that has no security safeguards in place.  It’s a bit like keeping your front door locked, but leaving the key under the mat.  Without some security precautions, breaking in is that easy.

There are plenty of lists and posts out there with excellent information on how to protect your WordPress site, but not everyone has the time or the technical inclination to see it through.  With that in mind, here is a list of a few critical steps you should take to protect your WordPress site.  These will take a minimum of five minutes, and no more than 15.  When I set up a new WordPress install, I do not do one click worth of work until I have run through these security safeguards. Make it your own habit to do the same.

This audit will provide your WordPress site with a healthy standard of essential security and protection.  The three security scanner plugins do have some overlap, but I doubt you will mind.  If you want to explore more advanced options for protecting your WordPress sites, here are some definitive lists:

It goes without saying that you should keep your WordPress installs updated to its most recent version at all times.  This summer’s attack wave preyed on sites which still had older installations running.  Newer versions of WordPress allow upgrades with one click; and if your server is like mine and does not like the automatic system, manual upgrades take less than five minutes.

WordPress Security Audit

This is a great example of what the security audit can reveal. This is a client site I picked up from another designer. This screen grab from the WP Security Scan plugin shows that the site’s core files were all ripe for the picking. It’s a dangerous security hole that only took a minute to correct.

Think this isn’t your problem?

Some might say that you should not engage in security procedures like this unless the client specifically instructs you to do them – and more to the point, pays you to do them.  That’s a dangerous game to play.  When you decided to use an open-source platform for your client’s site, you consented to the fact that you would have to take responsibility for the work going out under your own name.  Open source is not a cash cow which gives you a means to squeeze money out of your clients just to assure the basic running of the software.  If you feel you should be paid extra before doing upgrade work – either as a prerequisite for installation or as an added feature on top – think about what it will cost you in the long run to have your clients’ web sites defaced during a hacking wave because they were not adequately protected.  Being proactive about your existing clients’ ongoing needs – even if there is no pot of wealth in it for you – is what separates the real web designers from the shysters.  Choose where you want to be.

Speak to someone!

We are always eager to help you find out what package is best for your business.

Please call (+233) 26 8858882
to talk to us.

Get Social:


What They Say

picture We are happy to work with Okeros everytime for our web needs, Okyere and his team are a pleasure to work with right from the start.

by: Edem Akoussanh, Director