See Our PortfolioPricing Guide

5 Website Maintenance Tips You Need to Know

Your website is like a car. Both should be reliable tools that help you in meeting your needs and reaching your goals. And, just like your car, regular website maintenance can help keep your website running smoothly.

Think about it. You don't let your car regularly run out of gas or oil. You check fluid levels and take it for regular maintenance. Your website should be run with that same basic principle. Namely, a little regular maintenance prevents a massive headache if things go wrong.

5 Website Maintenance Tips to Keep Your Site Running Smoothly

Your website maintenance routine doesn't have to be complicated or take up a lot of time. There are just a few maintenance tasks that you need to perform on a regular basis in order to ensure your website is running at maximum efficiency. (Trust us, your Google Analytics results will also thank you.)

We recommend adding these five tasks to your website maintenance schedule if you haven't already.

1. Perform monthly security checks.

Every month, you need to carve out time to update and install any patches, bug fixes, or other regular updates that have been released for any and all software that your website uses. This includes your web server, database, operating system, content management system, and any other apps, plugins, or extensions you've installed.

While best practice is to install these updates when they are released, a scheduled monthly security check is a great way to make sure that no updates get overlooked.

2. Check your website's speed monthly.

You don't want your customers abandoning ship because of a slow loading speed, which makes Website Maintenance Tip #2 incredibly important. According to one report on website user experience, 52% of website users will abandon a website permanently if it loads too slowly.

A slow website leads to a higher bounce rate and lower conversion rate. Google has also added page speed as an element in their search engine ranking. There are many tools and plugins out there that will measure your website's speed for you. Our favorites are:

Related Reading: Top 10 Reasons Your WordPress Website is Running Slow

3. Review your site analytics monthly.

When you review your site analytics monthly, you will quickly get a good idea of what normal performance looks like so you can pinpoint when things are going wrong OR when something is going very right. Measuring key performance indicators (KPIs), looking at SEO rankings, and analyzing Google Analytics reports is the only way to stay on top of your site's performance. When done monthly, possible errors can more quickly be confirmed and resolved along with better benchmarks for future changes.

4. Check your website backups quarterly.

While some might recommend checking backups on an annual basis, most sites can change quite a bit in a short time which is why quarterly backups are a much better idea. This will minimize potential data loss in the case of a catastrophic event.

If you work with a hosting company that promises to back up your site for you, double-check that they are doing this at least quarterly. Otherwise, you can easily find a plugin that will help keep your site backed up and ready to go.

Related Reading: How to Back Up Your Website & Why It's Important

5. Update copyright notices and review legal disclaimers annually.

Typically sites post one copyright date across an entire site. This is done to clarify that content on that page and site are protected by copyright laws (at least in the United States). Generally, the copyright symbol is added along with the date of creation, but as websites are updated regularly it makes sense to also update the copyright date as well.

Another reason to keep your copyright and legal disclaimers updated annually is that the information you are required to disclose is constantly changing as new privacy laws are enacted at the state, federal, and international level. It's important to make sure that you are in compliance with all the laws your website is subject to and an annual audit is the best way to do that.

Bonus tip: Check for broken links on a regular basis.

Broken links are a red flag for browsers visiting your website. They show that you're not actively involved in your website and make your site look neglected. A broken link on your site is like a run-down shed behind a lovingly cared for house. The shed might not be in use anymore but it creates an eyesore that people use to judge the house as a whole.

Checking for broken links, both internal and external, is a fairly straightforward task, since there are a number of web-based and stand-alone tools that perform this task. These tools can also check for images and external files that are no longer hosted on your site so don't load.

Final Word

Your website is not a "set it and forget it" part of your business. While it doesn't have to be actively monitored 24/7, it also should not be left on its own. Google and other search engines are looking to promote sites that are secure, updated, and relevant. You can go a long way to nailing those first two with a regular maintenance schedule.

If you're interested in updating your site and getting help with maintenance services, Thrive Design would be glad to talk about how we can help revamp your website.

The safety and efficiency of your website are paramount to how well online traffic can find you, and what you have to offer. But how do you know if you are doing enough to keep your internet presence running smoothly?

The quick and dirty answer is, you don’t. But don’t despair. With everything moving so fast these days, it is close to impossible to stay ahead, many businesses struggling just to keep up. And that isn’t going to change any time soon.

How to keep your WordPress website safe.

Security - Solid security saves websites

1. Website safety starts with a daily backup.

Have you ever been working on a big project, taken hours of time, only to have your computer die, losing everything? It happens to everyone, at least once. Some more than others, usually out of laziness or not learning from the mistake of not backing everything up.

These days, computers can be set to auto-backup files in the event of a catastrophic system crash, but websites don’t have that luxury. For websites, understanding is based on a false assumption that if it is on the internet, it is forever, and that is simply not true. Your website can be deleted as easily as burning a photograph.

See Related: Why Privacy Policies Are No Longer Optional

This is why doing physical backups are crucial to keeping your infrastructure intact. Just like many of us send copies of pictures and documents to various cloud storage systems, backing up your website and all pertinent information to an external storage medium will ensure you have it if the worst should happen.

Encryption programs can also deter hacking. For your needs, there is a cadre of encryption software options that can allow someone with very little tech experience to place new, hardened barriers between you and the evil that might want to take your site down.

Most of what you do in the office is routine, and for good reason. Continuity in business provides the comfort of predictability. Unless you are Richard Branson, no one wants to be surprised by what your business does. So why not also set a very specific time each week, month, or whenever it works for you, to schedule a backup.

2. Solid security saves websites.

Everyone knows that for business, security is important. If it wasn’t, when you leave the office for the night, you wouldn’t lock the doors.

WordPress is one of the most popular website building platforms available, and its power is only matched by its versatility. The only drawback, it can be a victim of its own success, making it a target for breaches for hackers who have also used the software.

Fortunately, the brilliant minds that created this wonderful website builder thought of that in advance, and have preinstalled quite a few plug-ins into WordPress that are automatic once installed. Many of these features pertain to the security of the program, as well as the websites built within and WordPress requests updates regularly.

Bonus: More Security Tips

Hosting sites that can be used in conjunction with WordPress will also have their own safety measures, but they still can’t quite catch all the online dangers that might afflict your site. It is your responsibility, as a business owner, to seek alternative security options, if you want to keep your site safe. Wordfence is a wonderful option for this very purpose.

There is another option, but it is a little tricky and must be approached with caution. This pertains to hiring outside security companies to maintain your website’s security interest. You are relinquishing control to an outside party, however, if they fail, it is still your business that will be damaged, not theirs.

3. Give your website needs some TLC.

website maintenance

Everything breaks down eventually, and your website is no exception. Scheduled and thorough upkeep is the only way to keep your website, and by extension, your business, humming.

Updates will only attach to the appropriate software, and if you have let your website maintenance slip through the cracks of your busy schedule, the software might not have been installed, meaning updates will not attract to the existing code. Keeping up with constant new products and services available to your website is the only way to stay ahead of any updates that might show up.

On the plus side, you already have a schedule for backups, and should have added one for maintenance, so throwing your updates into the mix will only add to the overall efficiency. And there are three main updates to look for, and those are WordPress updates, Plug-in updates, and theme updates.

Always make sure you have backed up everything before you do any scheduled maintenance and the installation of updates. And check periodically that your website is still functioning properly after the updates are installed if you do a bundle of them.

4. Avoid using a bargain-basement host.

are you using a bargain-basement host?

Web hosting has become an invaluable resource when trying to get maximum visibility on the internet. Without it, it is very likely no one will be able to easily find your site. And while it does seem like a ploy to get another internet business more money, the benefits of pairing your website with a quality web hosting service definitely outweigh the cost overall.

For instance, top-quality web hosting services have equally high-quality security programs built into their service. And in the spirit of “you get what you pay for,” if you are paying for low-cost service, you are going to get low-cost results. Springing for a better quality hosting program, like Blue Host, will ensure you get the best bang for your buck.

One big upside to cracking open your piggy bank for a better hosting service is that cheaper-minded business won’t use up the resources, because the quality host won’t have as many websites to keep an eye on. In the more economical option category, sure you get hosting, but sharing with thousands of other websites spreads everything out a little thin.

Less competition for hosting resources means less time for the customer to wait for your site to load. With the increased speed of the internet, patience is no longer a virtue, but a liability and the average web surfer will wait about 5 seconds for a page to load before they move on. This can cost you tons of traffic.

Bottom line, and we mean that literally and in reference to your company finances, web hosting is one of those things you don’t scrimp on. Pay for the best hosting service you can fit in your budget. It's a business expense, so it is tax-deductible, so you’re going to get it on the back end anyway.

BonusHow Javascript Is Used In Web Design?

5. Be proactive, not reactive - DON’T wait until disaster strikes.

website security pro active

The boy scout motto is “Be prepared.”

In business, you can plan ahead, look to the future of any and all scenarios and devise contingencies in the event something discussed actually comes to pass, or you can wait, and hope, and then freak out when the unexpected does happen, reacting with fear, doubt, and other useless emotions that have no place in business.

A proactive approach is an efficient approach. A logical, rational, forward-thinking plan, mapping out exactly what to do if the worst should happen, keeps your head in the game when the whole thing seems to be crumbling around you. After all, that’s why fire drills and lifeboat drills were created.

Final word.

Do you have the know-how to keep your business afloat if your website crashes? Do you have someone who can restore everything in the event of a catastrophic failure? Have you made a plan, double-checked the plan, then made a plan B and C, just in case?

If you answered NO to any of these, you are not alone, and now you definitely have some things to think about. New insight inspires change. And for a lifeline, there are services like the WordPress Care Plan, a monthly service that keeps an eye on your site, does off-site backups, keeps up with any and all updates, and many, many more features.

Your business is important to you, and your website is an extension of it. For much of your incoming traffic, it is the first impression that can make or break their idea of you in an instant. For a savvy business owner, taking your web security seriously is of the utmost importance, and must never be left to chance.

Keep Reading: WordPress represents 90% of hacked websites, here's what you can do about it

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Once you’ve built the website of your dreams, it’s important to ensure it’s taken care of properly. You wouldn’t buy a car without auto insurance and take it in for maintenance and oil changes. And that’s what one of Thrive’s care plans is: insurance and care for your investment.

So let’s talk about what a website care plan is, why it is essential to your business, and what we include in our care plans here at Thrive.

All about care plans.

What is a "website care plan"?

website maintenance plans

A website care plan is a set of bundled services that we use to keep your website operating in tip-top shape. These services include security, performance, backups, monitoring, malware protection, and more. Depending on the package you choose, we even will fix broken links and update your content. All of this is essential to make sure that your customers can find you, hire you for your services, buy your products, and generally keep you in business.

You could take care of all of these little bits and pieces yourself. You could find different contractors to take care of it all. OR you could trust us at Thrive knowing that we’ve spent countless hours researching these services and honing our skills at keeping websites up and running.

Why invest in a care plan?

You’ve spent a lot of time and money building the best website design possible. A website you’re proud of. A website that generates leads and brings in customers. A website that looks and performs great. A care plan ensures that your website continues performing the way you need to keep business flowing as usual. The cost of a monthly Thrive website care plan is a small investment to make to ensure smooth operations.

See Related: Web Design vs Web Development

What we include in our care plans.

There are a lot of things that go into keeping a website running behind the scenes. We’ve outlined each element that goes into the different levels of our care plans on our “Website Care Plans” page. Let’s take a more in-depth look at these elements and why we include them.

  1. Premium hosting service from Kinsta.
    We think the hosting service from Kinsta is one of the best in the business. Their plans start at $30 per month but, with the Thrive care plan, a premium plan is included in the cost you pay.
  2. 24/7 website monitoring.
    If your website ever goes down for any reason, Thrive is notified. We jump on it and fix it before anyone notices.
  3. Daily backups.

    We also backup your websites daily, both on the server and in a remote location, far far away. Because you never know what can happen with a particular host or data center. We just always want to make sure, no matter what, you have redundant backups.
  4. Weekly checks on security and performance.
    We perform a performance test every week to make sure your site is performing at 100%. This check will see how fast your website is loading and if there are any anomalies we need to take care of. Security is critical to your website’s success. Unfortunately, WordPress represents 90% of all hacked websites in the world. But our weekly security checks make sure you are doing just fine. Let’s take a break from the list for a quick second and talk about WordPress and security. You may be wondering why WordPress represents 90% of all websites that are hacked even though they represent 35% of all websites in the world.One word: plugins.
    WordPress has more than 56,000 distinct plugins in their repository. These are little pieces of software that enhance the WordPress experience, but it’s important to make sure that they are updated on a weekly basis. Most of the time Thrive spends on care plan services are in the updates to these plugins and making sure that everything works fine after those updates. And this takes us to the next item on our list.
  5. Weekly WordPress core and plugin updates.
  6. Customized and regularly updated Privacy Policy and Terms of Services pages. Another part of our care plan is to create your privacy policy & terms of service pages. There is a lot of misunderstanding about whether your website needs these pages if you are not collecting any information. This isn’t true. We work hard to protect you from any liability around privacy by partnering with a company called Termaggedon to create these pages and keep them updated as laws change so you never have to worry if your terms are service are up to date.
  7. Weekly database optimization to enhance performance.
  8. Quarterly theme and plugin license review.
    Every quarter, we make sure that your licenses are up to date and let you know if anything needs to be updated.
  9. Zero-day vulnerability patching.
    A zero-day vulnerability is when WordPress has identified a vulnerability but there is no patch available. This means that the vulnerability has to be taken care of by the website owner. When we get a notification about a zero-day vulnerability, we go in and take care of it so you don’t have to worry.
  10. SSL included in hosting.
    SSL is a pretty standard feature in website care packages these days. SSL ensures that visitors have a secure connection to your website.
  11. Malware protection and removal.
  12. Premium email deliverability from your website.
  13. Monthly website health report.
    Every month, you will receive a care plan report that details all the activities we've done for your website in the previous month. This includes all the updates and backups, the uptime of your website, security performance, and any other metrics you need to know.
  14. Licensed use of our commonly used plugins.
    We have purchased $1,200 worth of licenses for our most commonly used plugins. These include gravity forms, advanced custom fields, Beaver builder, a lot more. The basic care plan includes access to all of these plugins.

See Related: Why Is Web Design Important?

For the majority of our clients, our website care basics plan covers what they need. However, there are some clients who have a lot of different changes they want to be done on their website. For them, we have an unlimited care package. This package includes everything listed above in addition to:

  1. Unlimited content updates
  2. Monthly fixes of broken links
  3. Monthly 301 redirect fixes
  4. Monthly strategy call
  5. Quarterly website review

Final word.

Your website is not something you can set and forget. Cybercrime is on the rise. Updates and vulnerabilities happen every day. Plugins fail. Hosting services crash. A thousand things can go wrong. A dedicated web team is one way to ensure your website performs safely, securely, and predictably. An easier way is to invest in one of Thrive’s website care plans. Contact us today to see how we can help keep you up and running, no matter what.

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Today there are about 60 million WordPress websites. WordPress commands a 60% market share of all content management systems crushing their 5 competitors who combined have a market share of16% (Joomla, Drupal, Shopify, Wix, and Squarespace).

As with Windows (with a 78% desktop OS market share), this popularity comes with a price. Those zombie computers across the interwebs are searching for vulnerabilities day and night. It isn’t even hackers anymore. Hacking these days is set on autopilot.

What you need to know about WordPress security.

WordPress's most popular feature is also a big liability.

Having such a big target on WordPress's back is exacerbated by one glaring issue in its platform: the use of 3rd party plugins.

Plugins, in my opinion, are both the best and worst part of the platform only because of stability and security issues.

However, the security threats can be mitigated by having a well thought out strategy to monitor and update your plugins weekly.

As of September 2019, there are 55,133 WordPress plugins available in the market. According to this report published by Imperva, only 3% of these plugins were added in the year 2018. This means the vast majority of plugins are old and most have not been updated in years (or ever).

The older your WordPress website the more likely you have a security vulnerability.

In fact, 70% of all WordPress websites are vulnerable right now. A plugin becomes insecure when a vulnerability is found within code it is written in (PHP). New versions of PHP are being released every year and the plugins fall behind in their security.

This isn’t just an issue with WordPress. All code must be monitored and updated in order for it to be secure. It just so happens that WordPress is the #1 target so we must take extra care.

Every week we receive notices of vulnerabilities found in new plugins. For example, Forbes released an article in August 2019 titled Critical 'Backdoor Attack' Warning Issued For 60 Million WordPress Users

Another one just today (9/19/2019) exposed a vulnerability in a piece of software installed on tens of millions of WordPress installations.

That’s all and good, but how can I protect myself?

When it comes to WordPress security, you have to be proactive. Such measures include:

Backup your site regularly.

The worst possible thing that could happen to your website is a deletion without a backup.

I receive a call about once a month from a potential client whose website has gone completely down. Sadly, about 25% of them do not have a backup.

The first thing we do as a company when taking on a new client is reviewing their backup system. We must have a daily backup in case we need to restore the website.

Don’t get yourself into the scramble of having a hacked website with no backup.

There are three crucial aspects of your backups.

  1. Off-site backup: You should have your site’s backup stored in an external service such as Google Drive or Dropbox. Just in case your service provider does not ensure the recovery of your site, this off-site backup will come to your rescue!
  2. Regular schedule: A regular schedule for updating your site should be followed depending on the scale of your business. A small business’s website needs to be updated less often as compared to a large corporation’s site.
  3. Encrypted: If you store customer information we recommend a solution that encrypts your site’s data

Keep your website’s security high.

As a business owner, it should be your utmost priority to keep your website safe and secure. No matter which hosting company you opt for and how much security it guarantees you, the ultimate burden of the security of your site rests on your shoulders.

First and foremost, you should install a security plugin such as WordFence. It will help you in making your site safe and secure.

Second, if you are outsourcing your website development, make sure that you keep control of password management in your hands. If anyone other than you want to access your site, make sure that they have different login credentials that can be deactivated by you anytime you want to.

Third, make sure the user “admin” does not exist on your website.

These are just the basics but they will get you started.

Make sure that your website is well-maintained

Your WordPress site like ar car. If you want it to function well, you have to take care of it. This requires time every week and it is worth it. Protecting yourself by routine maintenance is always many times less expensive than a cleanup job.

As part of your website’s regular maintenance, you should take care of the following items:

  1. WordPress updates: Every now and then, WordPress itself releases an update to its software. Be sure to check for and apply these changes once a week.
  2. Plugin updates: Whatever plugins you are using, do not forget to check their updates every week. Make sure you enable all the available updates to keep your website secure.
  3. Check backups: Double check whether your backups are being stored to an external location or not. If they are not getting stored, this is a serious security breach. You should fix it as soon as possible.
  4. Run a security scan on your plugins once a week using a program such as WordFence.

Choose a reliable web hosting service for your website

When it comes to web hosting, numerous options are available and they come down to 2 types: shared and managed.

Shared hosting is absolutely the cheaper option, but you end up paying for it in the end with the degradation of performance, security, uptime. This is because thousands of websites can be located on a single server. If anything goes wrong with any of the sites on the server, your site could suffer too. This causes the websites to load at a snails pace and it is common to have mail deliverability issues from the website as they share the same IP address.

We believe so strongly in the benefits of managed hosting that we do not work with clients that are on shared hosting.

We feel that shared hosting is expecting someone to be a stellar runner when all you feed them is junk food.

I know that businesses are always looking out for ways to save money, but trust me, this is the last thing you should be saving out money on.

Can’t I just take care of my WordPress security myself?

You can, but we don’t recommend it.

A plumber is skilled in changing faulty pipes. A chef is proficient in cooking. An architect is adept at sketching building structures. Likewise, you are good at managing your business. Instead of focusing on your core business, if you will start looking after your website, you will need to become an expert at this or items will slip through the cracks.

You have a business to run and outsourcing items like this allows you to focus on working on your business and not “in it”.

However, if you do go with the DIY approach be sure to have a schedule for your plugin updates, security scans, 24/7 monitoring, and daily backups and follow the above recommendations.

If you are looking for a rock-solid host, we highly recommend Kinsta.

If you get stuck and are looking for a company to take care of your security and hosting (we also use Kinsta), then check out our Care Plans.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Just like your phone and your computer’s operating system, your website requires maintenance. Every month it seems my phone and computer require a major software update. Your WordPress website needs the same care and attention so it can be online all the time to showcase your products & services.

Top 2 reasons to invest in a Care Plan.

To protect your customers' security.

Hackers target WordPress more than any other platform online. WordPress has a 60% website market share of content management systems and 52,000+ available plugins that can be hacked. It is just too big of a target for hackers to ignore.

When a WordPress website is hacked, it isn’t even humans behind a computer doing the work. Most of the time it is an autonomous computer script that finds the vulnerability in an outdated WordPress plugin, theme, or even WordPress itself.

The top 3 goals of hackers are to steal sensitive information, install software that infects your website visitors with a virus, or send spam through your website.

When a website is hacked it must be cleaned or restored from a backup. Unfortunately, most of the cut-rate hosts limit backups to 30 days' time or put the responsibility of backups on you. This includes GoDaddy, Bluehost, and Hostgator.

Shockingly, 70% of all WordPress websites are vulnerable right now. Read this article for more stats around WordPress vulnerabilities. If you are a major data nerd, check out Sucuri’s annual report with a complete breakdown of all hacked websites in 2017. (Not) fun fact: 83% of them were WordPress.

To protect your investment.

Many people don’t know what a care plan is, let alone what contains. Here is what we at Thrive provide as part of our basic care plan.

Why we don’t recommend the DIY approach.

Maintaining a website is more complicated than one would think at close glance. Updating a site directly from the WordPress admin doesn’t store a record of what was done. If an update to a plugin created an issue down the road, it would be difficult to know what changed and how to revert back without restoring a very old backup and losing content changes, sales orders, form submissions, etc.

Care Plans are one of our core services. There’s no panic when there’s a plugin conflict during an update or tricky issue to debug. We’ve seen it all. Over the years we’ve received calls with people with broken websites and incomplete backups. Many times the cost of a whole year of a Care Plan is needed to fix the issue when there is no complete backup. Just like a car, it costs more to fix it than it does to maintain it properly. Regular oil changes help keep your car running smoothly and regular website care helps keeps your website purring along at optimum performance.

Call in a pro.

Why not focus on your business and let us help you with what we know best? Would you change the pipes in your bathroom or call a plumber? Then why try to maintain your own website if that isn’t your trade? By securing an experienced WordPress company to care for and support your site properly you are actually saving potential lost revenue and customers.

Secure a Care Plan for your website! Contact us to learn how we can keep your site in proper working order.

We are certified as Care Plan experts through WP Elevation, the most accredited WordPress training company in the world.

WordPress Care Plan

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Few things make me feel worse than a hacked website without a backup. WordPress security is not something many website owners think of but with over 32% of the internet using the technology it is the biggest target out there.

Top 5 WordPress security mistakes

WordPress is great but it's not perfect. If you aren't diligent about your security protocols, it's like putting a target on your back. Here are some common mistakes we find among our new clients.

1. Not backing up your website daily and never testing restoring website process.

If the worst should happen, having a recent, clean version of your website is the easiest first step in getting back to normal.

2. Neglecting to update plugins, themes, and WordPress software.

Did you know that over 70% of hacked WordPress websites are due to outdated/vulnerable software?

3. Using "admin" as a username.

This is the default username for all WordPress websites, meaning it's the first thing that bad actors will guess when trying to hack your website.

4 Going cheap on hosting (Godaddy, Hostgator, Bluehost).

Cheap hosting sites aren't performing the necessary checks frequently enough to keep you as safe as possible.

5 Not having a security plugin or uptime monitoring.

These two items are crucial for knowing when your website is working...and when it isn't.

Are you looking for help with your website security?

We cover security, backups, hosting, and many other services as part of our website care plan.

Thrive Design is a customer-centric web design and development agency from SeattleContact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Websites are hacked by autonomous machines these days... not by humans hacking individual sites. These machines (aka bots) search the internet for vulnerable websites day and night.

We get calls every month from people whose websites got hacked. If you own a WordPress website, I have some very specific things you can do to protect yourself.

Protect yourself and your visitors with these 7 tips.

1. Backup your website daily.

Don’t assume your web hosting does this for you. Many hosting companies do not and, if they do, they charge you to access it and it typically only goes back 30 days.

2. Update your WordPress themes, plugins, and core software once a week.

This is the #1 reason for hacked WordPress websites and it’s simple to do. You just need to have diligence when doing it. Check out our Care Plans, as we do not recommend a DIY approach.

Never use admin as a username

3. Never use "admin" as a username.

That is what WordPress comes with out of the box and it should be changed immediately. Create a new administrative level user and delete "admin."

Use a super secure password

4. Use a super-secure password and store it in a program like so that you don’t have to remember it.

A password should be so secure that it’s impossible to memorize. Think lots of special characters and uppercase/lowercase combos.

Don't use the default wp-admin URL for your dashboard

5. Don't use the default wp-admin URL for your dashboard.

Use WPS-Hide Login plugin to do just that!


6. Install Wordfence.

There are way too many options to talk about here. Wordfence audits your website security, lets you do virus checks, and even lets you block whole countries from viewing your website.

protect wordpress website hacking

7. Don’t give out your login info.

Instead, create a separate administrative login for trusted developers to use. That way you can turn it off.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

People often ask me why anyone would want to hack their website. There are three main reasons why they want to breach your security.

  1. They want your website to send out spam.
  2. They want data your website may contain such as mailing list details, credit card information, or user passwords
  3. They want to install code that will download malicious software onto your website visitor's machines

You can avoid being one of the 33,000.

How do you avoid being hacked?

  1. First of all use a ridiculously secure password to your backend website. Store this password in a program such as LastPass so you never need to remember it.
  2. Rotate your passwords every quarter.
  3. Don't use the same password on other accounts. Remember if you use a program like LastPass you'll never need to remember it, even while using your phone.
  4. Never use "admin" as a username.
  5. If you use WordPress, make sure your themes, plugins, and the core software are updated weekly.
  6. If you use WordPress, install and configure security plugins like WordFence and BruteProtect.
  7. Finally, choose a hosting company that has ridged security protocols. That $3-a-month hosting company might not be your best option.

How do you know when your website is down?

Let Pingdom do that for you. It's easy to sign up for a free account that will monitor your website.

What do you do if your website goes down?

First, contact your web host or the web developer in charge of your website. You'll need your host login to do this. From there, open up a ticket saying your website is not loading and include a screenshot. For faster action, give your host a call. Just be prepared to wait in line unless it is a managed hosting company such as Kinsta.

Are you looking for help with your website security?

We cover security, backups, hosting, and many other services as part of our website care plan.

Thrive Design is a customer-centric web design and development agency from Seattle. Contact us today to find out how we can elevate your business online! Find us on Clutch, UpCityLinkedInFacebook, and Twitter.

Thrive is a Seattle web design company focused on helping you grow. If you believe in what you do, have a proven offer, and would like to increase your online presence and authority, let’s chat.
General Inquiry
Start A Project
2002 - 2023
Thrive | All Rights Reserved
PrivacyTerms of ServiceAccessibility
Made with ❤ by Thrive