The best way to keep your WordPress website secure is by keeping it updated. Your core WordPress installation, your theme, and all your plugins need to be updated as new updates are released.
Inside your WordPress dashboard you will see notifications when you need to update something as shown in the image below.
To save yourself some time, you can set up your WordPress to update everything automatically. I prefer to update my sites manually in case there is some sort of error that needs to be addressed.
Keeping the latest version of WordPress, themes, and plugins is essential to keeping your site secure.
When updating WordPress, themes or plugins I recommend you follow this procedure.
- Back up your site
- Update WordPress
- Check to ensure your site works
- Back up your site
- Update your theme
- Check to ensure your site works
- Back up your site
- Update plugins one-by-one
- Check to ensure your site works
- Back up your site
Backing Up Your WordPress Site
The easiest way to backup your website is to use a plugin such as BackupBuddy. You just have to download, install and activate BackupBuddy just like any other plugin. It’s not a free plugin and can cost you between $80 and $200 depending on what you need.
Updating WordPress
Most people set their WordPress to update automatically, but if yours doesn’t, it’s easy to do. First go ahead and make a backup of your site. Then go to the WordPress dashboard, click on “update” and wait for it to finish. Never stop it during the process or you’ll run into problems. Once it’s done updating, check to make sure everything still works.
Updating Your Theme(s)
Your theme(s) will also need to be updated. Sure, you only have only one active theme, but some people have additional themes that are deactivated. Make sure that they are all up-to-date First, go ahead and back up your site. Then tick the box for the theme and hit “Update Themes”. Let the update finish completely and then check to make sure everything works.
Updating Your Plugins
You’ll find that plugins need to be updated quite often. If you have a lot of plugins you might even have daily updates. It’s very important to keep the plugins updated to avoid vulnerabilities. Plugins update the same way as themes. Inside your dashboard, you just tick the box for the plugin that you want to update and then click “Update Plugins”. Wait for the update to finish and then check to make sure everything still works. I recommend updating plugins one-by-one in case there are issues.
Keeping your WordPress site updated is an essential part of having a secure, working website. You don’t want to lose everything you’ve worked so hard on by simply not taking the time to update your site.
Need help maintaining your WordPress website? Take a look at my WordPress Security and Maintenance packages.