Security is pretty important. In fact, security is damn important. Hackings of your website can cost you valuable downtime, embarrassing visuals, get you in trouble with Google and cost you the chance to make money.
Security measures come down to two basic things: Preventative, and the ability to restore.
To restore, this means you have a backup system in place. Thankfully, with MainWP as your WordPress maintenance tool, you have easy access to options to backup your site. In a previous article, we talked about the various ways you can create backups using extensions for the MainWP plugin.
In this article, we are going to address ways to be preventative using your MainWP plugin and some of the extensions available.
Being able to be preventative is called hardening your WordPress website. WordPress has an excellent overview in the Codex,
Security also transcends the WordPress application. It’s as much about securing and hardening your local environment, online behaviors and internal processes, as it is physically tuning and configuring your installation. Security is comprised of three domains: People, Process, and Technology. Each work in a synchronous harmony with each other, without the people, and their processes, the technology itself would be useless. Keep this in mind as you work through this guide, the threat landscape is constantly evolving and as such so should your security posture.
On this page, they give a good overview of some of the things to do to make your WordPress install much more secure.
Sometimes, the WordPress Codex can be hard to digest. Therefore, I am listing a few other sources that give an overview of making your WordPress install more secure.
Manage all your WordPress sites with the MainWP Dashboard
WordPress Management for Professionals
Are you ready to go Pro?
All MainWP Pro Extensions are available through one of our convenient bundled packages.
MainWP Security Extensions
MainWP gives you access to three free plugins that can help you create a more secure WordPress website, right from the comfort of your own main dashboard. This allows you to control security measures for all of your customers’ sites from a central location.
What do you get when you combine the world’s best security scanner with your MainWP Dashboard? A sigh of relief!
The Sucuri extension is free to scan each site and you don’t even have to pay Sucuri for a plan to use the site can feature. If you are managing a WordPress website from MainWP, this should be in your maintenance checklist.
The MainWP Sucuri Extension uses Sucuri’s proprietary SiteCheck Tool to scan your sites. SiteCheck provides web-based malware scanning of your web sites using the latest in fingerprinting technology.
This gives you a quick way to determine if your web applications are out of date, exploited with malware, or even blacklisted by popular search engines all directly from your MainWP Dashboard!
In case you forget to scan your sites, MainWP Sucuri Extension will remind you. Also it will save all your scan reports! MainWP Sucuri Extension
The only drawback here is that you cannot initiate scheduled scannings, but the extension will remind you to initiate a scan of your website. This is due to Sucuri’s Terms of Service. Nevertheless, it should be something you add to your maintenance checklist each time you login to your MainWP dashboard.
The Vulnerability Checker is designed to check for vulnerabilities in plugins and themes.
MainWP Vulnerability Checker extension uses WPScan Vulnerability Database API to bring you information about vulnerable plugins and themes on your Child Sites so you can act accordingly.
From within your dashboard, you can do a quick scan of your plugins and themes and the extension will give you results you can use to make decisions about replacing or updating plugins and themes.
Wordfence is one of the most popular security plugins and allows users to make many of the configurations necessary to keep their WordPress websites secure. Wordfence also comes with a nice live scan feature to help notify if someone is trying to hack your site or login when they shouldn’t be trying to login.
Wordfence has over 2 million + active installs and an extremely impressive average of 5 stars rating.
Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive WordPress security solution available. WordPress.org
The Worfence MainWP Extension allows you to monitor your websites using the popular plugin from within the central MainWP Dashboard.
Wordfence is definitely one of the most popular security plugins. Is it the best security plugin? That question has a subjective answer. Nick Schäferhoff had this to say in conclusion of a review on Wordfence,
Wordfence is by far the most popular WordPress security plugin and deservedly so. Even the free version offers loads of features to keep WordPress sites safe and off spam lists. From an extensive security audit over a full-featured firewall to heaps of additional options, the plugin will do its best to keep hackers and other shady individuals at bay.
If Wordfence is your favorite security plugin, rest assured you can use it with the MainWP setup. It does cost $39 for the extension. However, it is included in a MainWP Membership.
If Wordfence is the most popular security plugin, iThemes Security is right there. Formerly it was called Better WP Security. The plugin posts 600,000 + active installs and a solid rating in the WordPress repository.
The iThemes Security Extension allows you to control the iThemes Security settings for all your child sites directly from your MainWP Dashboard. MainWP
The extension is $39 or a part of a MainWP Membership plan.
Clean and Lock
The final security extension is the Clean and Lock MainWP Extension. This is a free extension which allows you to customize your MainWP Dashboard,
The MainWP Clean and Lock Extension will enable you to quickly remove unwanted WordPress sections from your Dashboards admin area. With a clean dashboard backend you will be able find things easier saving you valuable time.
Also, you can lock down your MainWP Dashboard to keep anyone other than you from logging into the dashboard and accessing your installs.
This is another security measure for your own MainWP dashboard, and ultimately, the sites you manage.
Wrapping it up
WordPress security, like cybersecurity, is not a once and done or set it and forget it endeavor, however, many tools can help free up your time. WordPress professionals have to keep their fingers on the pulse of security efforts by keeping up with the best practices.
As Sucuri says in their WordPress security guide,
WordPress security is about risk reduction, not risk elimination. Because there will always be risk, security will remain a continuous process, requiring frequent assessment of these attack vectors.
It is best to monitor rather than depending solely on an automated process. You need both, and with the extensions that MainWP offers, you can create the perfect combination of tools and the ability to monitor your maintenance websites.