Spring is nearly here and along with it flowers, sunshine and …

Spring cleaning, a time when we channel our inner Marie Kondo, purge all of our unneeded items and give everything else a bit of TLC. Much like your home, your WordPress website could likely benefit from a little spring cleaning.  Does your site keep telling you it’s time to update, do you have an untold number of annoying notifications waiting for you when you log in to make a post or update content? Have you been avoiding adding content because you just can’t deal with all of those updates? Well, you’re not alone.  Thankfully by following a few simple steps, you can take your WordPress admin from out of date and overwhelming to fresh, clean and inviting.

This is the second part of a three-part series on how to Backup, Update and Optimize your WordPress website. In part one, we went through the steps to set up a backup plugin on your site and perform a backup. As well we updated all of your WordPress core files, Plugins and Themes. In this article, part 2 we will be  running a security audit on your site to your ensure your content is protected. In part 3, we will be optimizing your site’s database and reviewing your content and on page SEO.

Secure it

Now that we have your site up to date, let’s do a quick security scan to make sure that nothing untoward is going on behind the scenes. If you have not completed this step please read the first part of this series to learn how to backup and update your site.  To secure you will need to install the Wordfence plugin. If you already have Wordfence installed then you can skip ahead to step # 11. If you are on WP Engine or Flywheel hosting these steps will not be necessary, as they run their own security software that takes care of scanning your site on a regular basis:

  1. Go to the Plugins area and install the Wordfence plugin
  2. On activation, you will be prompted to enter your email for security notifications, make sure to opt out of the mailing list (unless of course, you want to get security newsletters from Wordfence)
  3. Click “No Thanks” on the next screen
  4. Next click on the Wordfence/All Options link in the left sidebar
  5. Here you will see prompts for the firewall configuration and automatic updates
  6. Click on the “Click here to configure” button
  7. Unless there are errors click the “Continue” button on the next screen that describes what type of server configuration has been found. Note: for some server configurations it may require you to download a copy of your htaccess file before clicking continue.
  8. Next, you will see a screen notifying you that the installation was successful. Click the “Close” button
  9. Click the “yes, enable auto-update” button in order to keep Wordfence up to date
  10. Next, under all options click on “Email Alert Preferences”  and deselect all of the options except: “Alert me with scan results for issues of this severity level: Critical” and “Alert me when there’s a large increase in attacks detected on my site”. Doing this will keep the messages from Wordfence to a minimum.
  11. We’re now ready to run a security scan. Click on the scan link in the WordPress sidebar.
  12. Here you will be prompted to start a scan, click the “Start New Scan” button. This scan will take a few minutes to complete so this is probably a good time to grab a coffee, tea or your beverage of choice.
  13. Once the scan is complete you should hopefully see a message stating that “No new issues have been found.” Should any issues be found Wordfence will give you some useful information on how to fix the problems. Usually, the only issues found are out of date Themes, Plugins or WordPress core files but since we just completed those updates these shouldn’t come up.

Stay tuned for part 3 where we will be optimizing your WordPress database and content so that you can put your best face forward this spring.