There are some simple, some free, some more difficult and some commercial solutions out there for making WordPress more secure. The question is not IF you will get hacked, but WHEN. The more you can do to secure your web site, the better.
Below are minimal steps that you should take to help secure WordPress, in order of importance:
- Keep WordPress, plugins and themes updated – There are a number of ways that you can do this:
- If you are working with a web site that isn’t too complex and/or doesn’t need to be babysat, WP Update Settings is a great plugin. It allows you to configure what to update: WordPress minor updates, major update, plugins and/or themes. It also has the option to notify you of updates. Configure as needed.
- You can update your plugins manually if you prefer. It may help to use a monitoring services