Quick Site Security Evaluation Quiz

Site owners have a lot on their plate, and it’s tough enough keeping up with the latest trends in marketing, SEO, and new plugins and tools to make your life easier. But, the one thing most overlook is site security. In reality, my site security affects yours, and yours mine.

Take this quick Site Security Evaluation Quiz and see how your site measures up. If your answer matches the one listed, give yourself the assessed points.

Question Did you use the one-click WordPress installation?	Answer yes	Point 3
Is your login user name admin?	yes	1
Does the meta data below the title of your blog post (the author name) show your login user name?	yes	1
Did you create a custom database table prefix?	no	1
Did you protect the file with your database and WordPress login info?	no	1
Did you protect your plugin directory from being searched?	no	1
Did you protect your site from being fully searched?	no	1
Did you remove the code that shows your WordPress version?	no	1
Are all the following up-to-date: WordPress, theme, plugins?	no	2
Do you have a current backup of your site?	no	5

Assessing Your Risk

How many holes do you think a boat needs to warrant a threat of sinking? If your total points are more than 0, your site is at risk. The bigger the number from your quiz, the bigger the hole is in your security.

Pay Twice

There are a couple of reasons why your site might get hacked. The most obvious one is to take your site down. But, that’s not the most prevalent reason. Most hackers are not after your site. They’re after the server and want to use it for their own purposes. (Read Why so many websites have been down lately) They have no intention of harming your site and you’ll never know it’s happening until Google slaps your site with a big red label, warning folks not to visit. (Read Google Insists You Take Website Security Seriously)

Patching the Holes

There are several WordPress plugins available that will help assess your site’s security risks and do their best to patch the holes. But, these plugins can’t make up for some of the most basic security risks, like your login username advertising that your site is easy to hack. (Read Invite Hackers and Shun Viewers with Bad Meta Data)

Don’t Use 1-Click Installation

You would think that hosting companies would have a vested interest in your site’s security, but they don’t. They are trying to sell you quick-and-easy. To date, I only know of one hosting company that has taken measures to beef up their 1-Click installation process to plug some of the security holes. It’s not all that needs to be done to secure a site, but it’s far better than the way it was. (Read WordPress 1-click Installation is not Secure)

Get a Geek

The very best way to protect your site is to hire a geek to set it up right in the first place – not a pseudo geek, a real one. If you want to vet someone, ask them this, have they ever helped anyone recover their site from a hack attack? If the answer is no, move along.

Every hosting service has different rules about the type of security measures they allow.

If you come across a generic .htaccess file that someone suggests using, I hope it works with your host and doesn’t suddenly make your site inaccessible.

Vet the advice you’re getting. If someone tells you to update your robots.txt file, move along. Here are two reasons why. It’s a public file, meaning anyone can read it on your site, and malware robots ignore its instructions. It may actually point the way to the things you’re trying to hide.

Fix it Later

If you already have a site, a geek can fix every security issue the host allows. It’s more expensive than setting it up right at the beginning, but it can be done.

Bullet-Proof Your Site

The Pentagon has all the money and personnel it needs to keep hackers at bay. They work around the clock to do it. There is no such thing as set-it-and-forget-it site security. And, there is no such thing as a bullet-proof site.

Do Your Part

Even if your site is set up correctly at the get go, there are things you’ll need to do to keep it secure.

Keep WordPress, your theme, and your plugins up-to-date.
Every time you install something on your site, you could be introducing a new security risk. Only use themes and plugins from trusted sources.
Back up everything. You’ll turn every color of the rainbow sick if you loose your site without a recent backup.

If we all take responsibility for our part, our sites will run faster and have less down time because everybody around us on the server is more secure too.

MaAnna is a geek who can still speak in plain English and mashes up her background in both the techie and artsy worlds to teach non-geeks, authors, artists, and other creative folks the ways of WordPress.

Chat with MaAnna on Facebook | Google+ | Twitter | LinkedIn

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.