You are currently viewing New security features for WordPress websites

New security features for WordPress websites

  • Post author:

If you have a website running WordPress then you will be pleased to know about some new features which have been added recently, and they’re all free.

The first is the new Site Health section. Part of v5.2, this gives you a good overview of any issues on your site. Don’t get too concerned about the percentage score, it’s going to be extremely difficult to reach 100%, but the advice it gives can be very helpful.

Another big feature is part of the very popular security plugin, Wordfence. Until now, this was only available in their premium version but it’s been added to the free version. This is 2FA, or 2-Factor-Authentication. If you’re not familiar with this, it’s basically another level of security you need to go through when logging into your wp-admin area. You need an app on your smartphone (Google Authenticator and Authy are two very good ones and both are free) which you set up with your site. It’s easy to do, you just use the camera to scan a QR Code. Then, every time you log in, a new box appears asking for a 6-digit code. This changes every 30 seconds and is only shown after successful entry of the username and password so even if your password is known, without the smartphone giving the 2FA code they are unable to log in. To give an idea of how secure this is, they have a 1-in-a-million chance of guessing the number within a 30-second period… and that’s after successfully entering the correct username and password.

Finally, another great feature Wordfence have added to their free version is Google reCAPTCHA v3. You’ll be familiar with websites showing a box “I am a human” in their forms? Or a series of photos where you’re asked to tick those which have traffic lights in, or motorcars, etc.? This is Google reCAPTCHA (completely automated public Turing test to tell computers and humans apart) which is designed to make sure it’s a real person submitting the form. Well, v3 of this does the work behind the scenes to determine if it’s a person or not. Very clever.

So, if you run a WordPress website, we would very much recommend updating to the latest version (v5.2) and installing Wordfence to use these new features.

Contact us if you need any help with this or have any questions.