Print this page

Agents: How Secure Is Your Blog or Site?

Written by Posted On Monday, 12 October 2015 17:37

Posting a "news flash" or "latest sold" to your blog is so fast and easy that you may forget this easy access can also mean your blog and its database are not secure from online attack. Are you doing all you should to ensure your online presence is secure from hacking and other online attacks?

Blogs or websites may be developed or published on various platforms, but one of the most popular is WordPress because it's simple to use and free.

Open source WordPress reportedly powers 25% of the internet including CNN, TED, and UPS, so chances are this online publishing platform is driving your blog or website. WordPress enables brilliant, immediate content management of text, photos, videos, posts, comments…. Problems arise when users are eager to learn about "bells & whistles" that jazz up posts and pages, but ignore or skip over security and preventative maintenance.

If the previous statement describes you, attracting prospects and clients to your blog and website may mean bringing them and their data into an unsecure environment. Are you thinking beyond your goals of pitching properties and gathering leads to ensure your online efforts protect privacy and data for visitors?

All blogs and websites can expect attack, so professional web designers and developers include firewalls, virus detectors, and numerous security strategies in every site they work on. The challenge comes when untrained users tackle blog design and development without considering security with each step. The detailed content and instructions in the WordPress online manual and at — a hosted version of the open source software where 50,000 new blogs appear each day — enable even an ultra newbie to create a blog and keep it secure. Almost everything WordPress is free or low-cost, so explore, learn, and experiment.

Anticipate attack! It's not "if" but "when." Invest time preventing problems and your blog or site may not crash when you need it most.

Here's 9 Essential WordPress Security Fixes to Head Off Attacks:

1. Update Update Update Everything

Update WordPress, plugins, and design-template Themes when new versions pop-up. These updates address the latest internet-hacking issues. Updating makes your blog less attractive to attackers searching for easy access through out-dated software, especially plug-ins and Themes.

2. BackUp Regularly

Secure your content and databases by backing up, with one copy stored off-site in case of fire. When code has been modified to customize blog design, backup is essential or the changed code will be erased. (Also see #4) Be realistic about your time commitments. If you often forget to backup, consider a paid automatic backup option.

3. Passwords

Weak or predictable passwords are wide-open invitations for automated password attacks. If your criteria for a password is making sure it's easy to remember, you are your own biggest security problem. Use phrases—the more nonsensical and longer the better. Periodically change passwords. Upgrade admin user and set up a secure login.

4. Use Child Themes

Instead of changing the original Theme code to customize the blog's look or function, create a Child Theme — a partial-overlay of the Theme — to use for that modification and you'll stay in control of what is visible online. When updating, WordPress will read the Child Theme modifications first and then go to the original Theme for the balance of the code. You might design a separate Child Theme for different seasons or promotional campaigns. Free themes abound and there are also many paid versions that include support and other benefits.

5. Boost Security through Hosting 

Security plug-ins like Wordfence protect your site from hacks and malware, but web hosting providers like (disclosure: one of my hosts) and take security a lot further. Enterprise-level services like include cloud management to serve business-critical organizations using WordPress like the Bank of Canada. Ask about firewalls and other security measures; check reviews. Stick to hosts offering Secure File Transfer Protocol or SFTP for file access, transfer, and management—this will make sense once you dig into WordPress or hire a web designer.

TIP: Using hardwired net connections is more secure than WiFi, especially on public WiFi networks.

6. Keep Default Theme

Don't delete the default Theme which was there when you started. If something goes wrong and your chosen Theme collapses, WordPress will revert to the default theme and attempt to keep your site up and functioning until calm is restored.

7. Monitor Continuously

If you don't have time to monitor attacks and system problems, a paid service may be the answer. What is the best approach to be sure someone has an watchful eye on your blog and knows what to do when problems arise? Be skeptical of every claim and verify everything. For instance, screen for malicious websites before accessing or passing urls on to visitors:

8. Attend WordCamp

I attended WordCamp 2015 and received fast-forward insight into how WordPress works and how I've been getting in the way of some terrific built-in security. WordCamps present "everything WordPress" in events held around the world. After each meeting, videos and slides from presentations are posted online to share tips, cautions, and solutions. Great place to meet WordPress professionals who can take care of security and let you concentrate on sales and marketing. Thanks to all who shared these WordPress Security Tips.

The degree of security you undertake must be in proportion to the value you want to protect. Collect only the prospect and client information that is essential to serving them and make sure this information is secure. As a professional, it's your responsibility to not store unnecessary personal, contact, and financial information — information that if compromised could make prospects and clients vulnerable.

Should your visitors trust you?

If you are interested in WordPress, find out about the next WordCamp in your area. May see you there….

Rate this item
(2 votes)
PJ Wade

Futurist and Achievement Strategist PJ WADE is “The Catalyst”—intent on Challenging The Best to Become Even Better. A dynamic speaker and author of 8 books and more than 1800 published articles, PJ concentrates on the knowledge, insight, communication prowess, and special decision-making skills essential for professionals and their clients who are determined to thrive in the 21st-Century vortex of change.

PJ Wade's latest business book, What's Your Point? Cut The Crap, Hit The Mark & Stick! ( further proves PJ's forward-thinking expertise and her on-point ability to explain technical, even non-verbal, communication details in practical, understandable terms. Print publication: Fall 2017

PJ: “What's Your Point? — the pivotal 21st-Century business question—must be answered before you open your mouth, hit a key, or tap anything. Too often 'Your Point' is not clear to you, and communication remains an expensive illusion.”

As The Catalyst, PJ concentrates on enhancing communication ROI for experienced advisors, executives, entrepreneurs, business owners, and other savvy professionals, who may not have received as much formal training in communication as they have in their own field.

PJ’s on-point professional development programs and featured presentations start where other business content leaves off. What's Your Point?  programs, presentations, and content present the rich combination of practical suggestions, game-changing concepts, and on-point perspectives essential to those rising to the challenge of modern effective business communication—online & off.

Onward & Upward — The directions that really matter! Reach PJ at and visit her Blog:

Latest from PJ Wade