Why and How to Protect Your WordPress Site from Errors and Hacks

by | Mar 22, 2019 | Websites, SEO

This week we’ve seen three urgent update announcements for themes and plugins with one being removed completely from the WordPress repository due to security issues. Elegant themes even made their latest update available to anyone with an expired licence. Several of my developer contacts have reported hacked websites, malware and inappropriate redirects.

Why and How to Protect Your WordPress Site from Errors and Hacks 1

Often people think that the investment for a website is all about design and development but keeping everything up to date is just as important.

WordPress core is often updated to prevent security issues and your plugins and themes need to be kept up to date too, even standard themes that aren’t active on your site can pose a security risk. Not updating your website can not only lead to problems with the ways it works, site visitors being exposed to malicious code and viewing scary warnings from browsers but will also impact your website visibility (SEO).

How to ensure your WordPress site is up to date

Install a security plugin


Sucuri specialises in WordPress security and provide both a free and premium plugin to monitor sites and assist in recovering sites that have been hacked. The plugin monitors your site for potential security vulnerabilities as well as scanning for malware and hardening overall security of your site.


Wordfence is a free and premium plugin offering a firewall and malware scanner developed to protect WordPress. The Wordfence firewall identifies and blocks malicious traffic and any requests that include malicious code or content as well as limiting login attempts and enforcing strong passwords. Core files, themes and plugins are scanned for malware, spam, redirects and code injections. This plugin also alerts you to security risks and will let you know of any Core, theme or plugin updates required.

Use well-supported themes and plugins

Whenever you think about extending the functionality of your website with themes or plugins, look for something that is updated often and has active support. If a plugin hasn’t been updated for more than 6 to 12 months I would not install it on a site and look for another option. If you look in the WordPress repository for plugins a warning will show if there have been no recent updates.

Why and How to Protect Your WordPress Site from Errors and Hacks 2

Daily backups

Why back up your site often? Well if you’re updating your site regularly you will most likely come across a situation where a plugin or theme causes a conflict and your site will stop working. Restoring a backup until you can troubleshoot the issue or get a developer to help, is essential. The backups also give you peace of mind in case of your site being hacked, should the worst happen, your valuable website will be safe and can be restored to an earlier version. If this happens then it’s time to take a good look at your site configuration and eliminate any security threats. Your ability to create daily backups may depend on your website hosting, many hosts offer this service as part of their hosting packages or you can use a WordPress backup plugin to help with this.

How often to update a WordPress website

WordPress updates are frequent both for security and introducing and improving features. They offer auto-updates but I’d recommend against this as incompatibilities with your theme or plugins could break your site. If you use a plugin such as Wordfence or Securi then you’ll be alerted when updates become available for anything on your site, from WordPress Core to plugins or themes. Sometimes an important plugin will become incompatible with the newest version of WordPress, if it’s developed by an active team they should make you or your developer aware that updating will cause issues.

Updates don’t take long but dealing with broken sites can be time-consuming if something goes wrong. If you’re not happy taking care of the technical aspects (or those handy warnings to back up your files and database before updating give you a scare) then you may want a professional to look after this aspect of your website.

How to make updates to WordPress, Themes and Plugins

WordPress core and most plugins can be updated directly in the WordPress dashboard, it’s as easy as a few button clicks (so long as you’ve made a backup of your site files and database first). Some premium plugins and themes may require you to input your purchase code to enable updates, you may need an additional plugin or should be updated by uploading the new files directly to your server through FTP (file transfer protocol).

Want someone to take care of this for you? Get in touch and we’ll chat about what you need.

Recent Posts

Increasing charity donations with great website design and UX

Increasing charity donations with great website design and UX

British people gave £12.7 billion to charity in 2022. In fact, individual giving amounts to around 50% of income for small charities each year. Charities rely on donations to fund their important work, whether it's supporting communities, protecting the environment,...

High-converting Homepage Structure and Content Guide

High-converting Homepage Structure and Content Guide

Having a high-converting homepage structure and content will make or break your website. In this post, we're going to show you how to improve your homepage so it's a high-converting, engaging, client-focused, sales machine. Your homepage is your digital first...

Must Have WordPress Plugins 2023

Must Have WordPress Plugins 2023

WordPress plugins are essential and you'll likely have at least a few installed on your website. But what are they, how many should you have and how can you be sure you've got the best ones? Let's demystify WordPress plugins so your site can do everything it needs to...

Grab a Freebie

define ideal clients branding web design

Work with us

web design for non-profits

One Day Websites

Get online fast with a process that goes from strategic planning, guided content creation to design and launch in no time.

web design for non-profits

The Design Experience

A design process that starts with strategy and ends with a website that does exactly what you need.

Want to chat about your website?

Book a call to tell us all about your project