receives compensation from some of the companies listed on this page. Advertising Disclosure


5 Tips to Protect Your WordPress Website From Hackers in 2019

Thomas Griffin
at OptinMonster
Apr 12, 2019

Here are five steps you can take to keep your WordPress website secure.

The rapid growth of technology over the past decade is without a doubt one of the best tools for business owners today. Despite all the fantastic advances, there is one area that leaves many people fearful – especially those who own businesses. We are, of course, talking about cybercrime, and more specifically, hacking.

If the wrong person makes it past your security barriers and gains access to your website, you could have countless hours of work ahead of you to get your site back. The worst possible outcome during a data breach is that your customers’ sensitive information, such as credit card data, becomes fair game to the hacker.

According to Norton, the average cost of a data breach in 2018 for a company in the United States is about $7.9 million. That’s some serious cash.

Luckily, there are steps you can take to protect your WordPress website. Here are five ways you can protect your site and your customers’ data from malicious cyberattacks.

Backup your website

Creating a backup version of your website is the first thing you should do when you want to protect your site. There are numerous WordPress plugins available that can help you store a copy of your websites’ data on a secure server.

Backing up your website means that you’ll be able to bring your website back up and restore it to its original state following a cyberattack. Some hackers take down sites just for the sake of ruining someone’s day. The ability to recall your website from a backup program gives you peace of mind and takes off some of the pressure if hackers make it through your line of defense.

Only download trusted plugins

WordPress has over 55,000 plugins to date. While many of these plugins can prove useful to new and experienced users alike, the truth is that some plugins are safer than others. Some plugins give hackers behind-the-scenes information on your website, design, and even your customers.

If you want to ensure that your website is protected from malicious hackers, always research the plugins and check reviews before you decide to install one on your site. When you only use trusted plugins, you’re ensuring that your website and the people who visit it remain safe.

Mind your passwords

We all know the importance of having strong, unique passwords when it comes to protecting things like our bank accounts and social media pages. However, plenty of cybercriminals can use a brute force attack on your WordPress login page to gain access to your website.

There are some things you can do to prevent hackers from cracking your password and accessing your website. First, make sure your password is complicated and nearly impossible to guess. Use a random combination of numbers, letters, and symbols for maximum security. It’s also crucial that you add an attempt limit when entering your password. For example, after five attempts your account locks you out until you verify your identity through your email address.

Update all themes and plugins regularly

How many times have you received an option to update Windows only to delay it until tomorrow? The truth is that when you delay updates, you’re at risk for a cyberattack.

Make sure you’re frequently checking your WordPress plugins and themes and ensuring that they’re all up to date. In most cases, these updates resolve potential security risks associated with an exploit. The more frequently you update your WordPress themes and plugins, the better.

Choose a reliable hosting platform

Hosting platforms can be a goldmine for hackers. If you’re using a hosting platform that’s outdated or unreliable, you’re putting your website and your customers at risk for an attack. When you’re getting ready to create your website, make sure you check into different hosting options and look for honest, unbiased reviews.

A quick Google search will help you identify which hosting platforms have been around for years and receive great feedback, and which ones are more obscure and don’t have many reviews or much commentary from the WordPress community.


You need security measures on your WordPress website. There are always going to be people seeking to do harm by hacking websites. The best thing you can do is don’t become a victim of a cyberattack and then prepare for the worst so you know what to do if a hacker manages to make it past all of your defensive measures.

Image Credit:

Jacob Lund/Shutterstock

Thomas Griffin
I'm president and CTO of OptinMonster, a powerful lead generation tool that's installed in over 700,000 websites.