Part 2 of the ‘Healthy On-Page SEO’ series is about securing your WordPress website. Why? Because a website that gives the impression of not being safe because it’s full of spam, is not working correctly, or isn’t transparent is not user-friendly and will make you look unprofessional. It can result in
- people leaving your website faster,
- visitors to not return,
- and potential clients not wanting to do business with you etc.
All of the above mentioned points can have an impact on your search result rankings with Google & Co.
Remember, your site is your online store. Would you return to a physical shop if something feels off or dodgy? I don’t think so. Let’s go and explore a little further what exactly you can do to avoid creating that feeling.
1. Back your WP website up at least daily!
I don’t care if your hosting provider has a nightly or hourly backup. Believe me when I say that you should always add a backup to your plugin arsenal. I’ll even give you bonus points if you connect it to a remote storage like Dropbox or pClould!
Let’s be realistic. Any site can be hacked, but it’s more likely that you screw something up while updating plugins or testing something on your site (yes, I did many times). With your own backup you can restore your site without contacting your hosting provider with a few clicks and save precious time and nerves. Because the longer your site is down or not working as it should, due to whatever, the longer your visitors won’t be having the experience you want them to have.
If you’re new to WordPress, go with UpdraftPlus. It’s easy to set up and manage. WPvivid is also a great backup plugin with many extras. But maybe the possibilities are a little too much if you’re a WP beginner.
2. Choose the security plugin that works for you
Needless to say, you want your site to be as safe as possible to avoid having to spend a lot of money to remove viruses or worse. It would be bad for you, bad for business, and not good for your site’s visitors.
The two big players in terms of security plugins are iThemes and Wordfence. I tested both and preferred iThemes over Wordfence, simply because it’s easier to set up and manage. Even the free iThemes version is packed with many great features. Maybe Wordfence has them too, but the interface made it hard to find them. So I gave up. Being a minimalist that loves easy to navigate and clean dashboards, I choose iThemes.
3. Easy ways to earn 20K a month, dating sites and other X-rated messages
That’s what you’ll be inundated with if you have a blog that allows comments without having an anti-spam plugin. If I come across a blog post with many spam comments, I leave that site as fast as possible. It makes me wonder if the owner cares about the security of their site and their visitors’ security in general. How about you? Wouldn’t you have doubts too?
I say, stick with Antispam Bee (GDPR compliant*) or Akismet. Both are easy to set up and will save you a lot of headache.
*Make sure to cross-check the GDPR compliance for your situation. This is based on my research, and I’m not a GDPR-Guru nor a lawyer, which means this is NOT legal advice!
4. Content Delivery Network (CDN) = better speed + increased security
In a (non-technical) nutshell: A CDN stores a version of your website on all their global servers.
Let me explain using an example: Your hosting provider’s servers are in Europe, but somebody in Australia wants to have a look at your site. It would take a little longer for them to load and see your website’s content being in Australia than for somebody looking at your site that’s based in Europe because your website is hosted on a server in Europe. However, if you use a CDN it will quickly pull up the version of your website that they have stored on their server in Australia – or the server closest to Australia. That means the pages will be loaded faster; your visitor is happy and will most likely stay on your site longer.
What most aren’t aware of though, is that CDN’s also includes features that increase your website’s security. A bonus on top of the faster website experience. That’s another reason to use GreenGeeks as your hosting provider. They include a free CDN integration with Cloudflare. You can connect it easily from within your GreenGeeks cPanel and enjoy the benefits of a faster and more secure website.
5. Keep your plugins and theme up to date
Plugins and Themes are continuously updated to add new features, fix a bug, or make them more secure. Missing those updates can break your site, make it a target for hackers, or cause other issues.
Please always update your theme, plugins, and WordPress’s core version to the latest version. Before you do (yes, you’ve guessed correctly), run a backup so you can restore your website if something doesn’t work out as planned.
Tip: Set yourself a monthly, biweekly, or weekly reminder in your phone, calendar, or task management system to log into your site and do the necessary updates! If you don’t want to do it, get in touch with me ;)
6. Other stuff you can do to secure your WP website
For example, investigate the plugins you add to your website a little:
- Who are the makers?
- Have they gotten positive reviews?
- When was the plugin updated the last time?
Setting up Google Search Console for your site can also help you with security. It will warn you if it detects Malware, hacked content, and more. There are also ways to secure your website’s content to be alerted if somebody steals it, but that’s for another blog post.
Make sure to take care of the 5 points I’ve mentioned above: backup plugin, security plugin, anti-spam plugin, CDN, and updating your plugins, themes, etc. Once all of the basics have been implemented, you can look into Google Search Console and securing your content.
Let me know if I missed something you’re looking for or if you have further questions.