Let me just say it: WordPress is awesome. Millions of people have flocked to the platform and use it in their daily business.

However, there’s a dark side to the growing popularity of WordPress: Because it powers more and more websites, the number of hackers and other shady individuals who target WordPress is also steadily growing.

As a consequence, security is an increasing concern for all WordPress users. Yet, at the same time, it is a much neglected topic, because, quite frankly, many find it boring.

You know what else is boring? Health insurance. But just like WordPress security measures, you are glad it is there when you really need it. That’s why we will now take a look at how to keep your precious website safe and sound.

The key points are:

1. Use a reliable hosting company
2. Improve your login information
3. Stay up to date
4. Be vigilant about plugin and theme usage
5. Back up regularly
6. Limit login attempts
7. Employ two-step authentication
8. Choose a custom table prefix
9. Add salts to wp-config
10. Set correct file permissions
11. Disable the WordPress theme and plugin editor
12. Block access to your wp-config file
13. Remove the WordPress version