So, you want to keep your website secure, right? Well, turns out, it’s actually pretty easy. The basics would be to just have a secure password for your admin account. Pretty easy to do, I wont go through how to create a secure password, because there’s tons of resources out there for this. Next step, don’t crazy with all the plugins. Use browser plugin Ghostery to look at what analytics and trackers you have on your site. The theme I used previously included a crap ton of trackers with it, which is no good. My current one doesn’t include any trackers by default, and all the ones I have I added myself. Keep an eye on what plugins and themes you’re using, that way you don’t get taken advantage of with some scammy guy loading your site up with trackers you (and they) don’t need.
I’d also recommend to moderate all your comments. You simply don’t want a bunch of spammers clogging up your blog with crap comments. (In your WordPress dashboard, goto settings, then discussion.) (In the “Before a comment appears” section, enable “Comment author must have a previously approved comment”). This will allow regular users to continue commenting, but they’ll need approval the first time. (Most spammers wont stick around long enough to comment more then once.) Also enable “Comment author must fill out name and e-mail”, so they actually have to give you their email address, again, most spammers wont do this. If you see common spam, you can also add words to the blacklist.
Obviously, nothing is impenetrable, but with these tips, you should be able to keep your WordPress blog as safe as you possibly can.
Other possible weakness would be your serve host, which could have some vulnerabilities, but that’s beyond all of our control. DDOS is something that most server hosts have protections against, but shouldn’t cause much more then momentary disruption of service, and shouldn’t cause any data breach.
Ov course, the best way to keep secure is to not post any personal information, or even use real information. (You think my real name is Nate Snowstorm? Pseudonym, baby! Keep as much private information away from this pseudonym as possible.