1. Keep your website up to date
It’s important to know that hackers are always looking for vulnerabilities. These vulnerabilities are (small or large) errors in the code of, for example, WordPress itself, or of certain plug-ins. There is a danger that hackers will abuse these errors to gain access to your WordPress website and then deposit malicious code and files there.
In order to prevent this (or at least reduce the risk of these types of errors being abused), it is very important to update WordPress (i.e. the core of your website), the plug-ins you use and the template (also called theme or template) as regularly as possible. Developers of the software regularly release updates for their plug-in or theme. Install them, because if they have discovered errors, they will be plugged into the latest version.
Don’t have the time to update your WordPress website yourself, but don’t want to take any risks? I offer several subscriptions where I can take this worry off your hands. Check out the possibilities by clicking here.

3. 2FA. 2FA? Yes, 2FA.
Maybe you already know 2FA from your bank or another institution where it’s becoming more and more common. 2FA stands for two factor authentication and means that you use two passwords or codes to log in. This is now also possible for WordPress, via the Wordfence plug-in that we offer as an option on our websites.
It works as follows. You choose a secure username and password to log in to the back end (the admin area of WordPress that the user does not see, but where you add pages and content). Then an extra screen appears asking for a code. This is the second authorization required before you can access WordPress. This code is randomly created by an app on your smartphone. An example of such an app is Google Authenticator. After you’ve added your account, the app will create codes that change all the time. As soon as you’re asked for it, type in the code that’s currently in the app and you’ll get access to WordPress.
Because the app is on a different device (your smartphone instead of your PC or laptop) and by quickly randomly generating the login code, this way of logging in offers extra protection against unwanted access to the WordPress back end.
