| |

Security and Backup Essentials for WordPress

WordPress is a cultural phenomenon when it comes to publishing online. What started as a simple blogging tool in 2003 has become the most popular open-source content management system (CMS) in the world powering WordPress.com and millions of sites worldwide. There are a number of alternatives including the very popular Joomla, but the difference with WordPress is the almost cult following that has resulted in some of the best plugins available for a blogging platform.

When you first install WordPress it can be difficult to choose which plugins you install first. WordPress doesn’t come preinstalled with any real security or backup abilities, so it’s essential that you start of your blog publishing on the right foot. Here is a roundup of the very first plugins you should consider installing to make sure that you have a secure WordPress blog, and can spend more time publishing than worrying about its security.


The first plug-in that you should install and activate is Akismet. It’s a sophisticated tool that allows your blog to stay safe from comment spam. If you’re new to blogging, you might be wondering how it would be possible for spammers to find your blog, and what exactly would they want with it. The answer is simple, spammers post comments to blogs, with hidden links to their spam sites, and this is done with automated software. The statistics from the official Akismet blog are staggering. There was around 5.4 billion spam comments caught just in the month of March 2015.

The plug-in itself is very easy to install, and free if you’re using it for a basic personal blog. You have to activate it with an API key that you retrieve from Akismet website, and once it’s installed and working, you’ll never hear from it again. It blocks all the spam comments you could get, and deletes them automatically. This way, you never spend any time trying to figure out if a comment is genuine or not. Only the real comments get through to you. You can have a look at the settings in your admin of WordPress after a couple of months, and it will tell you exactly how many spam comments have been stopped, and how much time the plug-in has saved you.



One of the most frustrating things that can ever happen to you is you lose your blog, and you’ll well researched blog posts. Now, this can happen to you, there are many factors that are outside your control, such as hackers taking your site offline, or even your webhost going out of business. So how do you make sure your posts and site is all backed up, and more importantly how do you do it as easily as possible? Well with BackWPup you can handle this task like a true backup pro.

The plug-in only takes a few minutes to set up, but once you do you’re able to choose exactly how you want your site, and its internal database to be backed up. The choices include sending the file as an attachment via email, or you can set it to upload to your dropbox account. Once you’ve chosen the method of backup, you then have to set up how regularly it happens. This can be every day if you have a large blog, or once a week, and you can set the specific time you want the backup to be performed, preferably when your blog is at its quietest.



There are hackers around the world that everyday want to disrupt your website, and take it offline. They do this just for fun too, but what can you do to stop it. Well the answer is in one of the most advanced security plug-ins for WordPress. BruteProtect is a plug-in that comes as part of the essential JetPack Plugin, which uses all the thousands of other BruteProtect users to combine information about which IP address are trying to brute force attack websites around the world. This information is then used to block these IP address from reaching you.

Its a silent plug-in that requires very little admin. All you need to do is setup API access, and you’re good to go. The dashboard of your admin will show the BruteProtect plug-in and how many hack attempts your site has been protected from. If you want to know if this plug-in is worth installing then just consider the statistics that this plug-in has managed to protect from over 1.2 billion attacks.



Hackers can attempt a break in of your site in many ways. Sometimes hackers will break into your site, and place a malicious link in either your theme or your plugins. If you’re not a programmer, this can be hard to detect, but fear not, Wordfence does a great job at protecting you. The way it works is simple, it checks the core files of your WordPress blog against the official ones.

It also comes with a bunch of other security features such as a firewall to block scans from malicious hackers. It will also search your site for well known malware, and block specific IP address from anyone who tries to login unsuccessfully several times. You get all this information presented to you in a nice dashboard interface that tells you exactly where the latest blocks have originated from.



WordPress has a great many plug-ins that allow you to expand the functionality of the platform way beyond what it first comes packaged as, yet your first task with every new WordPress installation is to set up these plug-ins first. Your WordPress sanity depends on it.

Author Bio

TechTorpedo is an online digital blog specializing in everything from networking news, to business, social media, and lifestyle information. We like to create entertaining and relevant posts, and cover a range of interesting topics.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.