Skip to main content

Keeping your website safe and secure is getting more and more difficult each year. If you’re on WordPress, this is especially true. Luckily, there are some simple things you can do keep your website secure today by focusing on these three thing: Password, plugins, and hosting.

Secure Passwords

Bad passwords are constantly a major security issue online. When you’re setting your password to your website, if you set a password with only letter or only numbers, a hacker can get into your site in less than an hour if they really wanted to.

Here are some tips to set secure password:

  • Use more than 8 characters.
  • Use both lower case and upper case letters.
  • Use more than one number.
  • Use at least one special character.

By following these simple rules for passwords, you’re already making more site a lot safer than most.


If you’re on WordPress, you’re most likely going to be using plugins. But not all plugins are created equally. Some are going to be a lot more secure than other, some constantly release security updates, others don’t. Did you know that 90% of CMS hacks happen in WordPress? And it’s usually due to outdated themes, plugins, and extensions.

Here are some simple guidelines to reducing your plugin risk:

  • Avoid The Old: Don’t use old plugins that haven’t been updated in a while, they’re more likely to have security issues.
  • Check Sources: Only use plugins from a reputable source, such as the WordPress plugins repository.
  • Review: Check reviews before installing a plugin. If they’ve got a ton of negative reviews, especially recent reviews, avoid them.
  • Use Plugins With More Installations: WordPress will tell you how many times a plugin has been used, if it’s been installed a ton of times, it’s more likely to be safe.
  • Use WPScan: This is a great website that keeps track of all know vulnerabilities. Check for a plugin on here before installing it.


Your hosting can play a big part in your website security. Depending on who you’re hosting with, your host might keep backups of your site, offer brute-force protection, use a firewall, or keep your PHP updated for you.

Here is my list of recommended hosts:

  • Pressable: You can sign up for a hosting package from Big Red Jelly to get additional benefits on top of just hosting.
  • Kinsta: Managed WordPress Hosting, a little more pricey than Pressable.
  • WPEngine: Managed WordPress Hosting, a little more pricey than Pressable. Comes with some additional speed benefits though.

Do your research before selecting a host, so you can pick one that will properly defend your site and keep you online.

Keeping Your Website Safe And Secure

Beyond passwords, plugins, and hosting, there is a ton of other things you can do to keep your website secure. Follow me for more in-depth guides and work with me at Big Red Jelly for additional help with your website.