Hi, I am maintaining a lot of WordPress website everyday. Each time when I want to know that my sites are secure or not then I face some common problem to do that. I try to remember what I did for this before, I search through on my notes, I search on goggle. Every time I miss some important key point to check. I cry when my server is hacked by some one and lost my data and files and I have no backup of those. Sometimes I have backup of my data but at a critical moment I can not find theme because my data/files are not organized in a proper way. I am wasting a lot of my valuable time to do this simple work. Now I decided to make a list of tasks to keep my WordPress site secure and updated . From now I am following checklist to make me organized against my WordPress security. Schedule these tasks on a regular . My checklist is bellow.
WP Security Setup Checklist:
- Install WP-DB Backup or Backup Buddy
- Install Akismet or Bad Behavior
- Install Login Lockdown
- Limit Login Attempts
- Install Wp Security Scan
- Schedule Automated Website Backups
- Take Inventory of Your Website Files – ALL Files
WP Security Maintenance Checklist:
- Schedule these tasks on a regular, appropriate basis.
- Back Up Manually Using cPanel
- Check WP Security Scan
- Manually Check Site Files
- Change Passwords
- Update Themes
- Update WordPress
- Update Plugins
- Delete Inactive Users and WordPress Installations
- Check for Fake ‘admin’ users
- Check File Permission Settings
Critical Website Information Checklist:
Have this information handy and also keep it in a safe place!
- WordPress Logins
- Domain Registrar Login
- Hosting Company Login
- Email Logins & Settings
- FTP Login Information
- Google Accounts
This is a solid checklist! Thanks for sharing. You may also want to look into Wordfence. It’s a very powerful plugin that scans your site for malware, viruses, trojans, malicious links and more. There’s both a free and premium version.