3 Tips To Keep Your Real Estate WordPress Website Secure

Having a website for your real estate investing business is as close to a no-brainier as you can get. Many investors choose WordPress for their website due to the simple easy way to post updates without needing a website designer and a degree in computers. Not only that but WordPress is free and included with most hosting. WordPress comes with its own problems that the real estate pro should be aware of; they are susceptible to hacking.

It's not WordPress' fault. Websites are never 100% secure. Hackers are always trying new things and discovering new vulnerabilities. Good security is about reducing the possibility of getting attacked. There are many ways you can lower your risk when it comes to WordPress.

Recently, the theme, Nexos Real Estate Theme, popular with real estate listings websites, has been found to have a vulnerability. In addition to the vulnerability, it was also found to have active exploits available; meaning the bad guys are trying to find these sites right now. These vulnerabilities are classic cross-site-scripting and SQL injection attacks; basically, they allow the bad guys to get access to areas of the site they are not supposed to have.

The risk may seem low. The security issue allows a remote attacker to post new content. Potentially this content could contain malware and other virus laded content that could innocuously infect your visitors. They could also use your website to launch other unbecoming attacks. This could cause far more trouble than a few pages on your website being defaced. Bottom line is you do not want this to happen.

Keeping a WordPress website up to date is important and simple. Everything in WordPress is easily updated to keep up to date. You will want to update the WordPress core, themes and plugins.

3 WordPress Security Tips

1. Backup

I strongly recommend a good backup as a primary, basic means of security. Having a good backup means you can just restore your site to its pre-attack status. Backups can be done directly from the WordPress dashboard, through plugins, and many website hosts offer it built in, or as an add-on paid service. Don't skip this critical step.

2. Update

Another big "to do" item is to update your WordPress core, theme and plugins. Older versions of WordPress had to be manually updated. Newer versions have settings to automatically update. The risk is that something may break and stop functioning. The risk is worth it to stay secure.

3. Strong Passwords

Having a strong, secure password can be a great deterrent to the bad guys. Use a combination of upper case, lower case, numbers and special characters will help. And never share your password. Setup special accounts for anyone else to access your website. Remember, your passwords are like your toothbrush; both can be shared and both increase your chance of infection.

How to Update WordPress

To check WordPress for updates, login to your WordPress dashboard, click updates under the Dashboard, then click Update Plugins and Update Themes. If there is not button, your WordPress site is already up to date.