WordPress Security
for Webmaster 2021
How to Stop Hackers Breaking into Your Website
Dr. Andy Williams
Updated: 16 th February 2021
What people are saying about previous versions of this book:
Andy's advice in this book is as objective, practical, and pragmatic as any you'll ever come across. Andy always speaks from pure experience. His narratives are invaluable, unselfish, and indispensable. Amazon Customer
Good read. Useful, actionable information. Howard Lee Harkness
Everyone using WordPress needs to read and follow this book... Step by step, you are instructed on how to add protection to tour site. Thomas Bogan
Easy to understand book on WordPress Security. Excellent! Dr. Andy Williams does it again! I'm a huge fan of his books. He always over-delivers and makes the most complicated subjects understandable. Carol Youmans
Dr. Andy Williams always does a good job. He puts everything in his work. All the details are specifically mentioned, and no stone left unturned. Evelyn Guzman
It is great. Easy to understand. Thanks, Andy. Tin
Awesome. This comprehensive guide covers everything you didn't know you didn't know about WordPress security (if you're a beginner with WordPress) and is explained so easily and step-by-step; this has been a life saver for me! Thanks, Andy. Megan
Contents
DISCLAIMER AND TERMS OF USE AGREEMENT
The author and publisher of this eBook and the accompanying materials have used their best efforts in preparing this eBook. The author and publisher make no representation or warranties with respect to the accuracy, applicability, fitness, or completeness of the contents of this eBook. The information contained in this eBook is strictly for educational purposes. Therefore, if you wish to apply the ideas contained in this eBook, you are taking full responsibility for your actions.
The author and publisher disclaim any warranties (express or implied), merchantability, or fitness for any particular purpose. The author and publisher shall in no event be held liable to any party for any direct, indirect, punitive, special, incidental, or other consequential damages arising directly or indirectly from any use of this material, which is provided as is, and without warranties.
The author and publisher don't warrant the performance, effectiveness, or applicability of any sites listed or linked to in this eBook.
All links are for information purposes only and are not warranted for content, accuracy, or any other implied or explicit purpose.
The author and publisher of this book are not in any way associated with Google.
This eBook is copyrighted by Dr. Andrew Williams and is protected under the US Copyright Act of 1976 and all other applicable international, federal, state, and local laws, with ALL rights reserved. No part of this may be copied or changed in any format, sold, or used in any way other than what is outlined within this eBook under any circumstances without express permission from Dr. Andrew Williams.
A Little History
In the early days, websites were hand-built using a special code called HyperText Markup Language (HTML). To create good-looking websites back then, you had to be something of a geek. Then, special tools came onto the market to reduce the learning curve associated with building websites in HTML. Two of the more popular ones were Macromedia Dreamweaver (now owned by Adobe) and Microsoft Front Page (discontinued in 2006). The problem with these web development tools is that they were expensive.
In May 2003, Matt Mullenweg & Mike Little released a new tool that would change the face of website building forever. They called it WordPress.
I have to admit I was a little reluctant to give up my copy of Dreamweaver at first. But in 2004, I began to experiment with the WordPress platform. It was a time when WordPress was just starting to get interesting. This was thanks to the introduction of something we now know as plugins.
Fast-forward to today, and WordPress is now the site-building tool of choice. It's popular with professionals and enthusiasts alike. Home-based businesses run by moms & dads love it, as do school kids running blogs about their favorite bands or video games. Today, even large corporations use WordPress and just about everyone else who builds websites.
WordPress is extremely powerful, flexible, and produces very professional-looking websites and blogs. It's pretty easy to use too, but best of all is that it's 100% free.
The other advantage of WordPress is that the code is freely available to anyone who needs it. This same advantage, though, is also its biggest security threat. The open nature of the code means developers can create exciting new plugins and themes to extend the functionality. Alas, it also means hackers can find security holes in the code and use them to gain illegal access to WordPress websites.
A lot of the discussion on website security can get overly technical. Even so, the average webmaster needs to be able to protect and secure their website. That means there should be no technical barriers to stop the average user. It's why we need these things written in plain and simple English.
Thats where this book comes in.
I'm going to take you by the hand and guide you one easy step at a time as you secure your website(s) against hackers.
How to Use This Book
I wrote this book for anyone who runs a WordPress website. I wont assume you have any technical knowledge at all. You dont have to worry about steep learning curves or technical skill requirements. There aren't any.
What you have here is a hands-on tutorial. To get the most out of it, I recommend you sit at your computer and follow the steps outlined in these pages. Whenever I do something on my demo site, you do the same on your site. Dont be afraid to make mistakes, as they can easily be undone.
There are two main sections in the book.
The first section looks at the various ways hackers can gain access to your site and how you can STOP them. I also provide detailed instructions on ways to plug these security holes. Don't worry; you dont need to do anything at this point, not if you dont want to.
The second part of the book covers a comprehensive security plugin. This plugin secures your site using a simple point-and-click interface. You'll learn about website security in the very first section of the book. You then just follow my lead as we set up the plugin to secure your site against hackers.
By the end of this book, you'll have a solid understanding of WordPress security. You'll also know the measures to take to secure your website(s).
I have good news for anyone who likes to learn via audio-visual. You should find my companion WordPress Security video course very interesting. There are around 2.5 hours of video tuition and a Q&A section where you can ask me questions. You can find details in the Resources section at the end of this book.
A Note About UK v US English
There are some differences between UK and US English. While I try to be consistent, some errors may slip into my writing because I spend a lot of time corresponding with people in both the UK and the US. The line can blur.
Examples of this include the spelling of words like optimise (UK) v optimize (US).
The difference I get the most complaints about is with collective nouns. Collective nouns refer to a group of individuals, e.g., Google. In the US, collective nouns are singular, so Google IS a company. However, in the UK, collective nouns are usually plural, so Google ARE a company. This is not to be confused with Google, the search engine, which is singular in both.