WordPress is a fantastic platform for building websites. I use it exclusively on every site I build for myself or clients. However, there is a problem with WordPress – it's a prime target for hackers. In August 2012, Reuters was hacked! It's a sad state of affairs when people actually get their kicks from destroying other people's hard work, but that's life and it does happen. Several years ago, I had one of my unprotected sites hacked and it was so bad I ended up trashing the site and letting the domain expire. The hackers had messed the site up badly and even swapped my Adsense code for their own (or someone else's). That's how I found out about the hacked site – my Adsense dropped to zero on that site.
Matt Garrett is a UK marketer that I trust. He has just come out with a training package called Blog Defender that promises to show you, step-by-step, how to secure your blog from hackers. I've been through the entire course and even though I use my own protection on websites, I have spotted a few other areas that I can lockdown.
Matt's course is excellent. He holds your hand, every step of the way as he shows you which free plugins to download and how to set them up so that they complement each other to lock down your site. The three plugins he uses do have some overlap in features, but Matt and his team have exhaustively tested these three and got them working together without conflicts.
Besides the obvious security tutorials, there are some others that will also help get your site setup correctly from the beginning and how to fix any issues you may have when trying to secure previously set up WordPress sites.
If you have one or more WordPress sites that you value, you have to add security as the incidence of hacking attempts on sites (even old, dormant sites) is on a massive scale and getting worse.
Once you have been through the entire course, you'll probably not want to watch all 16 videos again when you secure another site. Fortunately Matt has supplied a really useful PDF checklist that you can follow to make sure you have covered all of the security loopholes in your site.
I fully recommend Matt's course and will be implementing his entire security strategy on some of my more valued websites. If you don't want to end up like Reuters, I recommend you do too (the security issue that Reuters had is common in many WordPress installs, but this course closes that loophole as well).
Securing a website from hackers is essentially a low-level, technical exercise, but Matt's excellent video tutorials make it easy for even a complete novice to follow.
You can read more about this course on Matt's sales page. Even if the course does not interest you, you should still go and visit the sales page because it will open your eyes to the scale of the problem webmasters face. Matt shows you how his mother’s website was hacked and used by hackers to steal people’s Paypal login details. Scary stuff.
You should read the sales page on the WordPress Blog Defender website.
The #1 Question I have received since writing this review is:
Does it slow your site down?
I would guess that it has to, so is the slowing down acceptable? To test this, I measured the speed of one of my sites using GTMetrix.com. I should add that I AM NOT using any caching plugins.
WARNING: I recommend taking a full backup of your WordPress site before installing these plugins. While I did not encounter any problems, I cannot guarantee you won’t.
Before installing the security measures, this is how my site faired:
So it took 2.44s to load the homepage of the site.
The course takes you through installation of three plugins. I’ll show you the speed tests after each plugin has been configured (in the order Matt does this in the course).
Plugin #1 Installed & configured
Almost the same, in fact slightly quicker, though that may just be natural deviation.
Plugin #2 Installed & configured
Page load speed is very similar to the speed before the two plugins were installed.
Plugin #3 Installed & configured
Wow. I wasn’t expecting that. 3 security plugins and no slow down. In fact, it even looks like the speed has increased. I’m sure that is just natural variation in server speed. However, the good news is, you can follow this course and secure your site without an impact on load times.
If you are interested in securing your site, read the sales page on the WordPress Blog Defender website for more details.