WordPress SECURITY from Sucuri
https://sucuri.net/guides/wordpress-security
Keep WordPress, themes and plugins updated.
When a new update is available, you’ll be notified in the Dashboard > Updatesmenu.
You should always apply updates as soon as possible. Logging into your site on a frequent basis will ensure that you’re aware of updates as they are released. If you cannot update your site for any reason, consider using a website firewall to virtually patch the problem and minimize the risk.
Plugin Security
You can assess the security of WordPress plugins and themes by reviewing a couple of important indicators:
- Does the plugin or theme have a large install base?
- Are there a lot of user reviews, and is the average rating high?
- Are the developers actively supporting their plugin and pushing frequent updates or security patches?
- Does the vendor list terms of service or a privacy policy?
- Does the vendor include a physical contact address in the ToS or from a contact page?
Carefully read the Terms of Service – it may include unwanted extras that the authors didn’t advertise on their homepage. If the plugin or theme doesn’t meet any of these requirements or has recently changed owners before the latest update, you may want to look for a more secure solution.
See more at: https://sucuri.net/guides/wordpress-security
Willamina Library Code Club 