Is WordPress Secure?

Short answer: yes.

Long answer: Yes, if you use one bit of secret knowledge, and add a few sensible precautions.

First, the secret: do not use the magical one-click install your hosting service provides through services like Softaculous or Fantastico. These installs have been linked to security holes, most likely because they’re used by folks who want this to be easy, not necessarily right. Instead, you can do it yourself with a tiny bit of help from your hosting company. (If they won’t set up your database for you, consider moving to more helpful hosting.)

Next, use real passwords. It doesn’t have to be hard.

Finally, keep it up to date. WordPress is great about issuing updates when a flaw is found. Keep your install updated.

Bonus: use a free theme from Automattic, the folks who make WordPress. They also list plugins they’ve created on their WordPress profile. Straight from the horse’s mouth is usually a safe bet for safety.

Commonsense (and that one special trick) is all it takes to keep WordPress safe.

That, and a good regular backup.

This entry was posted in Security, Wordpress and tagged , , , , , . Bookmark the permalink.

What do you think?