32 steps to WordPress website security ultimate checklist: Steps 13 ~ 17

Website security is an important issue that many new WordPress users can easily ignore. How to ensure WordPress site security is also a difficult problem faced by many users who have just come into contact with WordPress. This series of tutorials on WordPress teach you to introduce a series of steps to protect your WordPress website security. We have devided these steps into 32 steps, today introduced the WordPress website security ultimate checklist Step 13 ~ 17.

WordPress website security ultimate checklist Step 13

WordPress website security ultimate checklist Step 13 ~ 17

13. Update your website only on trusted networks

Many times, we treat free WiFi as a perk.

But the paranoid security monster(like me), will be upset in such a distrust of the network (such as your downstairs in the fast-food restaurant) to update the site.

32 steps to WordPress website security ultimate checklist: Step 13 ~ 17

Open WiFi environment, data is easily stolen. If you have access to your WordPress admin background in such a distrustful network, then you may reap more than just“free WiFi”.

Remember to only update your website in a trusted network, such as at home, or in the office.

14. Install antivirus software on your local computer

Imagine a computer virus on your desktop computer.

Remember, the primary goal of the virus is to replicate and spread itself as much as possible. For computer viruses, isolate it and never let it spread to your website.

To deal with the virus, the most widely used way is to install anti-virus software. Many websites are infected because some of them do not have anti-virus software installed on their computers.

It is very bad.

The virus on your desktop computer will quickly replicate itself and may soon be infected to your site. The virus may also steal your password, bank card number, and other personal information.

Make sure that you install anti-virus software on your local computer and update the virus database in a timely manner to protect the data on your local computer and remote sites.

15. Monitor website security using similar services like Google Search Console

Strictly speaking, this is not a security suggestion for a WordPress site; it is a supplement to the steps you have taken to protect WordPress security.

Google Search Console is the original Google Webmaster tool, mainly used to monitor the display of your site in Google search results.


Google and other search engines want your website to be free from any malware. If Google Search Console finds any malicious Trojan on your console, it will give you suggestions.

Although Google Search Console is not the best solution, because it only provides processing suggestions after your site is hacked, rather than taking action to deal with the problem; but it can give you a timely reminder that you can deal with the situation as soon as possible.

16. Use the security protection Plugin to protect your WordPress website

Before we talk about so many security checks, not very trivial, some steps may also need some knowledge of some technical knowledge, in order to repair your WordPress site.

Now we need to have a more active defense. Our advice is to give your WordPress site a bulletproof security plug-in to fully protect your website.

Many of these plugins are in the top 25 most popular WordPress plug-ins, also introduced a few, namely the (Jetpack plug-in package, including security module), (All In One WP Security & Firewall) and (Two Factor Authentication) etc.

However, in terms of website security, the most powerful and professional WordPress free plugin, is the All in One WP Security & Firewall plugin. The plug-in profile called himself ” comprehensive, easy to use, stable, and has good technical support WordPress security plug-ins”. Currently, there are more than 400,000 WordPress sites installed this plugin.

17. If the other steps fail, then use the Backup Recovery site

We’ve tried to list all of the steps you can take to enhance the security of your WordPress site, and you should try to do it as much as possible. However, we can also expect that, in practice, you may inadvertently ignore one or more of these steps.

However, this one step you must not skip!

If your website is inadvertently hacked, the most important thing for you is a full backup!

For your WordPress site (and also other sites), the thing you should never forget to do is “back up! Back up! Back up!”

Important things to say three times!

Not only to prevent website intrusion, but you can use the backup to prevent a variety of accidents, technical errors, and other disasters. Have a backup to ensure that your site can be back to normal as soon as possible from the accident.

Some plug-ins can help your WordPress site data backup, we want to introduce in front of you two popular plugins e.g, UpdraftPlus plug-in and All-in-One WP Migration.

When you have a backup plan, in case your site is hacked, you should know that you should follow the steps to find the vulnerability, restore the backup, patch the vulnerability. Let your site resume operation, and prevent re-invasion.

Special note:

After you have made a backup plan for your website, you should regularly test whether the backup can be used for recovery. Install a test site, and then try using the backup data recovery. The worst thing is, you feel like you’ve made a backup, and when you need it, you find it useless.

Also read: Top 10 Things To Do After Installing WordPress

If you liked this article, then please follow us on social media and don’t forget to Subscribe to our mail list.

(Unfinished, continue reading…)

You May Also Like

About the Author: WPC Staff

WPCrons staff has long-term experience of WordPress & like to constantly spot problems and plotting how to solve them. We believe you don't need to be a nerd or a programmer or a network engineer to make a difference.

Leave a Reply

Thanks for choosing to leave a reply. Your opinions and comments are very important to us, and your email address will NOT be published. If you need a private conversation then use our contact form. Please add an avatar if you do not have and make the comment section more beautiful.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. Accept! No, thanks!

Why my browser don’t show me the coupon?

By default, Google Chrome and some other browser block pop-ups from automatically showing up on your screen. When a pop-up is blocked, the address bar will be marked Pop-up blocked Pop-up blocked.

ComputerAndroidiPhone & iPad

  1. On your computer, open Chrome.
  2. At the top right, click More More and then Settings.
  3. Under “Privacy and security,” click Site settings.
  4. Click Pop-ups and redirects.
  5. At the top, turn the setting to Allowed or Blocked.

  1. On your Android phone or tablet, open the Chrome app Chrome.
  2. To the right of the address bar, tap More More Settings.
  3. Tap Site settings and then Pop-ups and redirects.
  4. Turn Pop-ups and redirects on or off.

  1. On your iPhone or iPad, open the Chrome app Chrome.
  2. Tap More More and then Settings Settings.
  3. Tap Content Settings and then Block Pop-ups.
  4. Turn Block Pop-ups on or off.

Share via


Subscribe to get FREE updates

Join 1000s of readers around the globe. Don’t worry. We also don’t like Spam. We are weekly.


We are using affiliate links & images from respective product sites in our articles occasionally, means that if you click on one of the links and purchase an item, we may receive a commission (at no additional cost to you). All the reviews & opinions (positive or negative) are 100% our own. We are not getting any money to write them. The trademarks mentioned in this website belong to the respective companies. All the articles are information purpose only, to help someone to educate & save money. In case any problem with the content, you can reach us anytime through our contact us page »