{"id":4118,"date":"2022-03-09T13:13:53","date_gmt":"2022-03-09T13:13:53","guid":{"rendered":"http:\/\/wpx.net\/kb\/?post_type=ht_kb&p=4118"},"modified":"2026-02-12T14:48:57","modified_gmt":"2026-02-12T14:48:57","slug":"how-can-i-keep-my-wordpress-sites-secure","status":"publish","type":"ht_kb","link":"https:\/\/wpx.net\/kb\/how-can-i-keep-my-wordpress-sites-secure\/","title":{"rendered":"How can I keep my WordPress sites secure?"},"content":{"rendered":"\n

We have implemented different security levels on our servers to keep your websites safe. However, as we mentioned in our Malware removal rules and security standards article<\/a><\/strong>, the security of your website is a 2-way street: WPX & YOU. Here we will discuss the WordPress security tips that you should implement on your sites. <\/p>\n\n\n\n

\n
\n DID YOU KNOW?<\/b>
\n WPX customers NEVER EVER waste time researching & fixing frustrating \n security issues
BECAUSE we fix it for them fast & free. Fact.
\n And our WP hosting plans start at \n \n $11.99 monthly<\/a>.\n <\/div>\n<\/div>\n\n\n\n

WordPress Security practices that you should use. <\/h2>\n\n\n\n

Limit access:<\/strong> <\/h3>\n\n\n\n

Reduce the number of people who have administrative access to your WordPress site to a minimum. You can also reduce the number of possible entry points. This can be done by only installing web applications that you need and use. <\/p>\n\n\n\n

Stay Up-to-Date:<\/strong><\/h3>\n\n\n\n

Do your best to stay up-to-date with your WordPress site, including plugins, themes, and the PHP version. The latest version of WordPress is always available from the main WordPress website<\/a>.<\/strong> Official releases are not available from other sites\u2014never<\/strong> download or install WordPress from any website other than https:\/\/wordpress.org.<\/strong><\/a><\/p>\n\n\n\n

Also, you can just install WordPress <\/strong><\/a>with a few clicks from the WPX Control Panel. This way you can be sure that the source of your installation is not compromised. <\/p>\n\n\n\n

Trusted Sources<\/strong>:<\/h3>\n\n\n\n

Aside from being extremely dangerous, using nulled\/cracked plugins is a violation of our Terms and Services<\/a> <\/strong>and is grounds for immediate termination<\/strong> of your account.<\/p>\n\n\n\n

Secure your Working Environment<\/strong>:<\/h3>\n\n\n\n

Do not download plugins and themes from sources that are not trusted. Googling for a free version of a premium plugin is asking for trouble. Malicious people and organizations distribute what are known as \u2018nulled\u2019 plugins and themes that come bundled with malicious code and malware. <\/p>\n\n\n\n

Make sure that your local computer, browser, and routers are up to date, and free of any spyware, malware, and virus infections. Consider using tools like NoScript<\/strong> (or disabling JavaScript\/flash\/java) in your browser and VPNs to encrypt your online communication when moving around and using different public Wi-Fi hotspots. You should also secure your mobile devices and install any updates as soon as they become available.<\/p>\n\n\n\n

Always use strong passwords:<\/strong><\/h3>\n\n\n\n

The purpose of your password is to make it difficult for other people to guess and to help prevent a brute-force attack. The key to making a strong password is making it complex, long, and unique. It is recommended to use a password generator for all passwords or create passwords that would only make sense to you personally.<\/p>\n\n\n\n

If you want to use reliable software that generates and stores all of your passwords for you, we recommend using KeePass<\/strong>. All you have to do is download the application and create a database file that will take care of the rest of your password by entering the file using a master password.<\/p>\n\n\n\n