Notice: WP_Block_Type_Registry::register was called <strong>incorrectly</strong>. Block type names must contain a namespace prefix. Example: my-plugin/my-custom-block-type Please see <a href="https://wordpress.org/support/article/debugging-in-wordpress/">Debugging in WordPress</a> for more information. (This message was added in version 5.0.0.) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php on line 5315

Notice: WP_Block_Type_Registry::register was called <strong>incorrectly</strong>. Block type names must contain a namespace prefix. Example: my-plugin/my-custom-block-type Please see <a href="https://wordpress.org/support/article/debugging-in-wordpress/">Debugging in WordPress</a> for more information. (This message was added in version 5.0.0.) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php on line 5315

Notice: WP_Block_Type_Registry::register was called <strong>incorrectly</strong>. Block type names must contain a namespace prefix. Example: my-plugin/my-custom-block-type Please see <a href="https://wordpress.org/support/article/debugging-in-wordpress/">Debugging in WordPress</a> for more information. (This message was added in version 5.0.0.) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php on line 5315

Notice: WP_Block_Type_Registry::register was called <strong>incorrectly</strong>. Block type names must contain a namespace prefix. Example: my-plugin/my-custom-block-type Please see <a href="https://wordpress.org/support/article/debugging-in-wordpress/">Debugging in WordPress</a> for more information. (This message was added in version 5.0.0.) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php on line 5315

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648

Warning: Cannot modify header information - headers already sent by (output started at /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/functions.php:5315) in /customers/9/2/b/thoughtfulminds.org/httpd.www/wp-includes/rest-api/class-wp-rest-server.php on line 1648
{"id":10328,"date":"2018-09-18T17:13:36","date_gmt":"2018-09-18T11:43:36","guid":{"rendered":"https:\/\/www.thoughtfulminds.org\/?p=10328"},"modified":"2018-09-18T17:17:59","modified_gmt":"2018-09-18T11:47:59","slug":"10-security-tips-for-wordpress-sites-plugins","status":"publish","type":"post","link":"https:\/\/www.thoughtfulminds.org\/10-security-tips-for-wordpress-sites-plugins\/","title":{"rendered":"10 Security Tips for WordPress Sites &#038; Plugins"},"content":{"rendered":"<p>If you want your website application to just about do anything that is possible, you will have to use plugins and extensions. They are tools that extend the capabilities of any application. From backing up your content automatically at regular time intervals, they can even help to connect your website to different social platforms.<\/p>\n<p>Though extensions and plugins have very useful features, it becomes vital to think of the website\u2019s security when using these facilities. If any of these plugins or extensions has vulnerability, then this can lead to security breach later on in the application. Just recently, there was news that the SEO Pack (All in One) plugin for WordPress was found to have 2 vulnerabilities that would allow privilege and cross-site scripting attacks. In case this has already been installed, it is a good idea to upgrade to the latest version of the plugin.<\/p>\n<h2><span style=\"color: #0000ff;\">Security Tips for Plugins<\/span><\/h2>\n<p>Given below are some suggestions whereby you can use plugins and still safeguard yourself from the vulnerabilities that may arise thereof.<\/p>\n<p><img class=\"aligncenter size-full wp-image-10329\" src=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/delete-unused-plugins-ThoughtfulMinds.jpg\" alt=\"delete unused plugins-ThoughtfulMinds\" width=\"700\" height=\"400\" srcset=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/delete-unused-plugins-ThoughtfulMinds.jpg 700w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/delete-unused-plugins-ThoughtfulMinds-600x343.jpg 600w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/delete-unused-plugins-ThoughtfulMinds-300x171.jpg 300w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/delete-unused-plugins-ThoughtfulMinds-500x286.jpg 500w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>Tip #1: If you are not using a theme or a plugin any longer, it is good idea to have it deleted. Code that is not present on the site cannot be compromised by the attackers.<\/p>\n<p>Tip #2: It is always best for you to procure your plugins and themes from sources that can be trusted. It cannot be denied that free themes and plugins are very attractive. But we unfortunately do not know what comes along with it. Malware can easily creep in from free plugins and themes and compromise the site\u2019s security.<\/p>\n<p>Tip #3: Passwords should be strong. There are many malware programs that run automatically trying to guess passwords and break into WordPress sites. It is better to be safe than sorry.<\/p>\n<p>Tip #4: It is important to maintain up-to-date versions of all plugins and themes. There are WP plugins that gives the latest information on updates that are available. Programs such as InfiniteWP, ManageWP, and WPRemote help to update large networks of sites all at once. There is an application that is due to be released which would help you to manage WordPress sites even from your phone.<\/p>\n<p><img class=\"aligncenter size-full wp-image-10332\" src=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Update-plugins-ThoughtfulMinds.png\" alt=\"Update plugins-ThoughtfulMinds\" width=\"700\" height=\"400\" srcset=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Update-plugins-ThoughtfulMinds.png 700w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Update-plugins-ThoughtfulMinds-600x343.png 600w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Update-plugins-ThoughtfulMinds-300x171.png 300w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Update-plugins-ThoughtfulMinds-500x286.png 500w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>Tip #5: A surefire way for your WordPress website security is including a two-factor authentication login (2FA). This method adds a second layer of security and prevents attacks by hackers. It requests identification proof such as passwords sent to mobiles or answers to secret questions.<\/p>\n<p>Tip #6: Do not leave the WordPress admin login to the default one: wp-admin, wp-login.php, etc. change this password to an unusual or a less common one. This makes the website more secure and prevent attacks to the admin URL page. Businesses need to use number of plugins for better performance of their site and therefore these security tips are essential.<\/p>\n<p>Read Also: <span style=\"color: #993366;\"><a rel=\"noopener\" href=\"https:\/\/www.thoughtfulminds.org\/top-10-wordpress-plugins-that-businesses-must-know-for-wordpress-website-design\/\" target=\"_blank\"><strong>The top 10 WordPress plugins that businesses must know for WordPress website desi<\/strong>gn<\/a>\u00a0<\/span><\/p>\n<p>Tip #7: Switching to HTTPs protects the website from eavesdroppers trying to monitor data that is communicated between two parties. If you currently have a HTTP site, it is a good idea to switch to HTTPs with the help of an SSL certification. This creates an impenetrable link between the web server and browser. The website also gets a better ranking in Google listings if you have a HTTPs website which translates to better security.<\/p>\n<p><img class=\"aligncenter size-full wp-image-10330\" src=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds.jpg\" alt=\"Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds\" width=\"700\" height=\"400\" srcset=\"https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds.jpg 700w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds-600x343.jpg 600w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds-300x171.jpg 300w, https:\/\/www.thoughtfulminds.org\/wp-content\/uploads\/2018\/09\/Switch-Website-From-HTTP-To-HTTPS-ThoughtfulMinds-500x286.jpg 500w\" sizes=\"(max-width: 700px) 100vw, 700px\" \/><\/p>\n<p>Tip #8: All WordPress files are to be monitored regularly and actively. This way, any file that has been hacked can be spotted immediately. There are plugins that can track the status of WordPress files and pass on notifications if they have been changed. Any security issue can be spotted soon enough.<\/p>\n<p>Tip #9: it is a good idea to have regular back-up of your site. This will prevent building up your site from scratch again in case of any transgression. There are many readymade plugins that help you do this job. This protection comes at a cost. However, it is better than the trouble that is to be taken to rebuild the website from scratch.<\/p>\n<p>Tip #10: It serves to keep WordPress as well as its plugins updated. It is easier to have a security issue with outdated versions. It is easy for hackers to act if the versions are not patched to the latest updates. Configure plugins during installation so that they automatically update themselves. They have the option available. WordPress comes with an automatic update feature from version 3.7 onwards.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you want your website application to just about do anything that is possible, you will have to use plugins&hellip;&nbsp;<a href=\"https:\/\/www.thoughtfulminds.org\/10-security-tips-for-wordpress-sites-plugins\/\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">10 Security Tips for WordPress Sites &#038; Plugins<\/span><\/a><\/p>\n","protected":false},"author":2078,"featured_media":10331,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_oct_exclude_from_cache":false,"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":""},"categories":[5,875],"tags":[881,882,886,884,885,883],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/posts\/10328"}],"collection":[{"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/users\/2078"}],"replies":[{"embeddable":true,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/comments?post=10328"}],"version-history":[{"count":0,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/posts\/10328\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/media\/10331"}],"wp:attachment":[{"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/media?parent=10328"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/categories?post=10328"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.thoughtfulminds.org\/wp-json\/wp\/v2\/tags?post=10328"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}