• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Office To-Go

WordPress Websites & Virtual Assistant

  • Services
    • Websites
    • Creative Services
    • Business Support Services
  • Portfolio
    • WordPress Websites
    • Creative Services Portfolio
  • Testimonials
  • Blog
  • About
    • Privacy Policy
      • Cookie Policy
    • Terms & Conditions
    • Safe & Secure Shopping
    • Sitemap
    • Terms of Service
  • Contact
You are here: Home / WordPress Tips / Top 10 WordPress Tips

Top 10 WordPress Tips

June 29, 2010 by Cyndi Papia

When Office To-Go takes over WordPress website maintenance or a new project, we employ these security measures and recommendations.

1.  Keep headers/logos under 125 pixels high. It takes up valuable viewing space, especially for laptop users, that is best left for the good stuff to appear “above the fold.” Take a cue from the big companies, simple logos done well say it all. This is our #1 pet peeve – screaming logos and headers!

Security Tips2.  Use STRONG passwords of 10 or more characters and DO NOT use “admin” for a username. Create a new user profile assigned to the administrator role, log back in with the new user profile and DELETE the admin file. It can’t be said strongly enough:  use strong passwords for WordPress and any other site which requires passwords. This strong password generator makes it easy for you here.

3.  Use secret keys. A secret key is a hashing salt which makes your site harder to hack and access harder to crack by adding random elements to the password. Visit https://api.wordpress.org/secret-key/1.1/salt/ and copy the keys into your wp-config.php file and re-upload. You can change or add them at any time. Note: All current WordPress cookies will be invalidated and your users will have to log-in again — minor inconvenience in the name of security.

4.  Select your plugins wisely, too many will slow down your site. Badly coded plugins are a hacker’s back door into your website.

5.  Install the WordPress Firewall Plugin. This plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks.

6.  Move your configuration file one level above the root directory of your server (if you’re running WP in the root directory of your site as opposed to yourdomain.com/blog subfolder).

7.  Do not use wp_ as a prefix for your databases. Most hosts are eliminating that default now but if yours does not, change wp_ to anything else but that.

8.  Install Wordfence security plugin.

Backup WordPress Easily9.  BACK UP your site regularly and keep a copy on your computer and/or off-site storage. If you have a very active site, back up daily. You spend a lot of time and money on your website, don’t skip this! The one complete solution that does it all is BackupBuddy (affiliate), no other plug-ins back up your files, widgets, plugins and database. Need to move your site to another host, this will do it in less than a few minutes!

10. Rewrite your .htaccess file to lock down your wp-admin directory by IP addresses. Add the following code to your file, replacing xxx.xxx.xxx.xxx with your IP address:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Access Control"
AuthType Basic
order deny,allow
deny from all
#IP address to Whitelist
allow from xxx.xxx.xxx.xxx

Share this Article

Filed Under: WordPress Tips Tagged With: Plugins, Security

About Cyndi Papia

Tea Addict, Animal & Nature Lover, WordPress Geek

Cyndi's commitment to old-fashioned customer service (since 1998) and down-to-earth ethics has helped her build a business almost entirely on past clients and their referrals. Join me on Facebook.

Primary Sidebar

How Can We Help You?

We’re here for YOU every step of the way! Our clients and colleagues have come to trust our know-how and can count on us to be around today . . . and tomorrow. Helping enterpreneurs online since 1998.

Contact Us

Search Blog Archives

NameHero Web Hosting
Goat on photograph of grass
Stack of colorful books, eBook reader and stylus
 

Footer

Contact Info

Cyndi Papia, Website Specialist

Email • Contact Form
 Toll-free: 888-851-4426

Resources

Free Resources
Recommended Services

Clients Trusting Us Online Since 1998

© Copyright 1998 - 2023 Office To-Go · WordPress Design & Development · Made in the USA · All Rights Reserved

Disclosure: Some links on this website may be affiliate links. If you make a purchase from one of our affiliate links, we may earn a commission.

We only endorse products and services that we use ourselves and/or trust.