Tutorial - 7 Tips for improving website security

[westnz]

Topic Description

Practical steps to improve website security and protect your site from hackers.

Related Resources

Links to related content on Learn, HelpHub, DevHub, GitHub Gutenberg Issues, DevNotes, etc.

• [ ]

Guidelines

Review the team guidelines

Tutorial Development Checklist

• Vetted by instructional designers for content idea
• Provide feedback of the idea
• Gather links to Support and Developer Docs
• Review any related material on Learn
• Define several SEO keywords to use in the article and where they should be prominently used
• Description and Objectives finalized
• Tutorial created and announced to the team for Q/A review
• Tutorial reviewed and ready to publish
• Tutorial submitted and published to WPTV
• Tutorial published on WPTV
• Tutorial captioned
• Tutorial created on Learn.WordPress.org
• Tutorial post reviewed for grammar, spelling, etc.
• Tutorial published on Learn.WordPress.org
• Tutorial announced to Marketing Team for promotion

[westnz]

Tips.to.improve.website.security.mp4

[digitalchild]

I would suggest Patchstack as another security plugin, as you mention it in the security focused blogs. Everything else, great.

[bhowe]

One point a lot of users (at least my clients have a problem with) two factors is some of these plugins offer too many options. It's great that (wp 2fa) offers email with OTP in the free version maybe some mention of that?

[westnz]

Thank you @bhowe

[askdesign]

Hi Wes,
This is good topic and I think you narrowed it down to most of the key things to consider. Here are my thoughts:
2:29 - Do you want to mention the PHP version?
2:34 - Before updating themes and plugins, users should make sure they have backed up the site.
3:22 - I recently used All in One Security on a couple of sites and think it's great. Maybe you could mention that in addition to the others.

Other important things to mention, which may take you beyond "7" steps:

• use a reliable webhost
• usernames: never use "admin"
• install an SSL certificate
• use a SPAM detector

[westnz]

Thank you for the helpful feedback @askdesign

[a-newcomer]

Hi Wes,

Great tutorial, I especially admired the examples you gave for every point, they struck me as clear and straightforward for people new to WordPress.
Some minor points - I might add a modifier to the title to let people know in the title what level the tutorial is for - "7 basic Tips...", "7 Easy Tips...", "7 First Tips" so beginners know it's for them - I know that the tutorial is labelled as beginner, but are those classes going to show up in search engine results outside of WordPress? The title will. Also, the final point you made, following security blogs, might be a useful tip for people who are a bit more advanced - I might switch that point out with the username reminder suggested by @askdesign.

[westnz]

Thank you very much @a-newcomer 😉

[westnz]

Published: https://learn.wordpress.org/tutorial/7-tips-to-improve-website-security/

[westnz]

Updated and added to the Beginner User learning pathway.