Keeping Your WordPress Website Secure
WordPress is an easy to use and flexible CMS. It powers over 30% of all webpages and has 1000s of plugins for all types of functionality and 1000s of themes too. This extensibility also creates a security hazard as each plugin/theme has the potential to make your website vulnerable to hackers. Hackers like WordPress as it is often not updated by the website owner and they crawl website looking for known vulnerabilities so the can upload their malicious content.
This article provides a few ways of securing your WordPress website.
Strong Username and Password
Still overlooked by many but the simplest way to help secure your WordPress site. Use a random username (it doesn't have to make sense so something like iiiqeby$%BF£ is fine!) and an equally strong password. Use a password manage like 1password to store these details so you don't have to remember them.
Security Plugin
Add a security plugin like WordFence or Sucuri to your website. These plugins block brute force login attempts (where a bot tries login on a loop), check for file changes against a known repository and much more.
Updates
Keep your website updated. WordFence will send you emails when plugins are out of date and a new version is available. Make sure you update these on a regular basis (weekly is recommended).