In the previous article, Hamster explained how to easily install WordPress on your server account using Installatron. This time Hamster will teach you how to set up the necessary security plugins.
WordPress admin panel review
First of all, make sure that your website is now available online, and you can start building your website’s design. In this article, you have seen that after WordPress installation, the new admin URL is available.
By default, the URL of the admin’s panel is in the wp-admin directory. Therefore you have two options to login to the admin panel:
1. Through the Installatron
2. By going directly to your website URL
Once connected, this what you will find:
1. Main information regarding your website activity, also shortcuts to create a post quickly.
2. Posts. This part is useful to start a blog.
3. Media. Here you can upload media and see all the media previously uploaded to your website.
4. Pages. Create a new page for your website: About Us, Contacts, and any other page that you wish.
5. Comments. If a comments section is available on your blog, you will be able to manage them.
6. Appearance. Here you can change the theme, widgets, buttons, and any other element of your website’s design.
7. Plugins. Here you can manage all your plugins: download, install them, and change their settings.
8. Users. If you are going to work on a website with colleagues, you can create and modify their user profile.
9. Tools. Import and export data. Also, you can manage plugins via this section.
10. Settings. General settings of your website: site title, URL, administrator email, etc.
Let’s choose what your WordPress website will look like
The first step is to choose a theme. It’s going to be the basis of your website’s look. Later you will be able to change colors, fonts, and other additional elements. The theme is the basic structure of your website.
Press “Appearance” -> “Themes” and choose one of the basic ones. If you would like more options, simply press “Add New Theme” and you’ll find a number of themes offered by developers. They are partly free of charge and you will find more than enough for your first website. However, if you’re looking for more functionality, Hamster would advise that you choose from a reliable source, for example, themeforest.net. Be careful! There are various sites where you can find “free” themes that are usually paid. However, such sites should not be trusted, as their software usually contains malicious code fragments that can be used to intercept your site and steal data. By purchasing a paid theme, you won’t have to risk the page’s security, and you’ll also get the official theme developer’s support if you run into unforeseen issues.
More functions with plugins!
After determining the desired look of the site, we can move on to another critical point – plugins:
Plugins are designed to extend the functionality of a website without additional programming knowledge. Here are a few plugins that will make it much easier to build, optimize, and customize your site for search engines:
WPForms – With this plugin, you can create attractive contact, inquiry, survey, and other forms.
Smush – for compressing and optimizing images to improve your website’s speed.
Yoast SEO – helps to perform website optimization for search engines such as Google so that your website can be easily found on the Internet.
WooComerce – if you plan to create an e-shop, with this plugin you can quickly turn your website into a store.
Google Analytics dashboard – for real-time tracking of traffic and statistics (requires Google Analytics registration).
WP Super Cache – optimizes page speed, which is very important for a high position in search engines.
GDPR Cookie Compliance – this plugin is designed to inform website visitors about the cookies used on your website and the information collected, as required by the General Data Protection Regulation.
As you’ve probably noticed, there are plugins designed for various purposes, and a quick search in the “Plugins” section will help you find the solution that’s right for you. All plugins provided are free but they often have limited functionality if you have not purchased the full version. Just like with design themes, you can come across “free” plugins on the Internet, but, once again, it’s not a good idea to trust sites that distribute such software.
The most important part: WordPress security
When creating a website, you must consider security: ways to protect your website from spam and malware. Here are some useful tips on what to start with:
Protect any contact forms that visitors fill in
Plugins can be used to protect contact forms from being filled in by bots. One of the most popular tools for this is Advanced NoCaptcha & Invisible Captcha. This tool enables you to set up text-based protection, where the user is asked to check the “I’m not a robot” field when filling out a form and submitting a request. Failure to provide such protection creates a medium for sending unsolicited messages to you and other users, which can damage your domain’s reputation. Don’t ignore it!
Implement tools that search for malicious codes in real-time
One of the most popular tools for this is the Wordfence security plugin. This plugin acts as a firewall for your site – it analyzes the site’s code in real-time, notifies you about the occurrence of a malicious code, and blocks attempt to compromise your content management system.
Make sure the SSL certificate is activated
Once a customer has purchased a hosting plan from us, we offer them a free Let’s Encrypt certificate – we’ve described its installation in our knowledgebase. The SSL certificate’s essential function is to encrypt the data sent between the website’s visitor and the server, so if you use contact forms, online payments, etc., on your page, the certificate is required. Moreover, with the certificate, the site will be displayed as “secure” in the browser. One essential step to take is to activate redirection to the secure HTTPS: // protocol in WordPress after installing the free certificate. Again, you can use the Really Simple SSL plugin. Simply install and activate the plugin, and if all goes well, you will see a green padlock symbol next to your website domain.
Automatic software update
One of the most important steps to protect your site from hacking is to keep the software up to date. Without regular updates, security vulnerabilities appear in the software and hackers can easily break into your site. If you don’t make any changes during the installation, the software will update automatically. However, it’s always a good idea to check the “Updates” section to see if the developer of the content management system, theme, or plugin has released a new version.
Here you go! If you’ve followed all the steps correctly, now your website is ready to go!