This article was first published here.

UPDATED: July 17, 2017

I can still remember the day it happened. I was sitting at my desk with tea in hand, and logged into my site to publish my daily post. But wait, what?! That’s not my site, I thought…

Yes, I’d been hacked. Every day, hackers (which are typically ‘bots’ rather than humans) are scanning the web looking for easy targets. When they find a WordPress site with questionable hosting, a weak password, an outdated version of WordPress, or themes and plugins with security issues, they know they’ve found their next target.

Not sure how to secure your WordPress website? In this post, we’ll go over 10 simple ways you can beef up security on your site. That way, you’ll hopefully never have a morning (and afternoon) like I did!

How to secure your WordPress website Choose reputable hosting. Use a strong password. Do regular backups. Block malicious login attempts. Scan for malware. Keep on top of WordPress, theme and plugin updates. Implement a two-factor authentication solution. Restrict user access. Use SSL. Make smart theme and plugin choices.