WordPress Secure Processes
In this post, I will describe three processes that will help you keep your WordPress website more secure. If you are interested in an overview of WordPress security, checkout my first article in this series: Securing WordPress. A secure site starts with planning. Establishing processes for adding content, updating the software, and backing up the site are a critical part of the plan. Let’s start with some approaches to adding content in WordPress.
There are an increasing number of ways that WordPress allows content to be added to the system. From the typical method of using the administrative interface to using a third party API that imports content from another system, each method should be thoroughly considered and documented. If you are not part of an organization and are the only one adding content, there are still questions to address. Are you using a WordPress role with the least amount of privileges when adding content? Can you add an extra password to the administrative site using Apache authentication? Have you disabled the WordPress features that you are not using? Answering these three questions will help establish a process and keep your website safe.
To start, think about the WordPress roles. The full documentation regarding the roles is available on WordPress.org. There are three roles to consider for adding content:
- Editor – someone who can publish and manage posts including the posts of other users.
- Author – someone who can publish and manage their own posts.
- Contributor – someone who can write and manage their own posts but cannot publish them.
You may be wondering: Why not just use your administrator account? Never underestimate what flaws hackers may find in your system. There may be a way to establish authentication through that account based on it being associated with a post. Additionally, you should create a very complex username and password for the administrator, and set up a different account for adding content with a friendlier username.
Assessing which role to choose when creating content applies if you are a member of a team or managing your website alone. As an individual contributor, you may be able to choose the author role. If you are part of multiple users adding content on the system and need to manage other users’ posts, choose either editor or contributor. Once a role (or set of roles for users) has been determined, start to look for additional security measures that can be implemented.
Think of your WordPress administrative site like the inside of a vault full of money. The more locking mechanisms and monitoring you can put in front of the vault door, the more secure it will be. I highly recommend using a plugin to secure the WordPress login process. Look for BulletProof Security, Wordfence, or All In One Security to create lockouts for incorrect usernames and passwords. Most security plugins also enable alerts for suspicious activity. Another password challenge can be implemented for the administrative site through apache. Check out this article for details.
Lastly, look at any WordPress features, plugins, and themes your are not using and disable or remove them. For example, if a page or post should not have comments, make sure you disable them.
Below is a sample process chart showing some of the ideas mentioned. Consider what else may be needed in your website.
While describing the adding content process, I compared the WordPress administrative site to a vault with money in it. Gates and locks may help keep out potential thieves, but what if someone figures out how to make a key to the door and gives it to everyone? The manufacturer offers a free way to change the lock, but you don’t know about it. This is similar to not checking for updates to WordPress and the plugins/themes you have installed. You should check at least once a week. Fixes for security holes are released periodically by software authors and publishers.
Your update process should involve a way to test your website with the changes before exposing it. Think of anything that may need to change before and after the process. For example, I like to restrict the file permissions of WordPress directories so that the web server user (usually www-data, apache, or httpd) is not allowed write access. With this approach, you need to allow write access if you are updating using WordPress direct file management, although you may not need to if you are using a separate FTP user. The chart below represents an update process that can be used for a WordPress website. More detail can be added as needed.
The backup process can vary drastically depending on your organization’s requirements or general policies. Usually a process has been established and you will need to adhere to the guidelines provided. When there is not an established process, use these focus points to create your own.
- WordPress saves your content and settings in the database and the upload file directory (usually under wp-content/uploads/).
- Automated backups can be set using many different plugins (Updraft Plus is one I like).
- Store the database and file backups somewhere external to where the server WordPress is being hosted.
- Keep backups from several dates in the past, in case the current backup has an issue.
- Practice restoring the backup once a month on a test website.
Thinking thoroughly about the processes on your website and documenting them can lead to a safer, less frustrating experience for yourself and your users.