Your church website is valuable to you and it’s worth protecting. Church website security is an important element in your website health. However, it is often overlooked. The biggest website security mistake you can make is to not take security seriously in the first place. Five More Talents has valued website security since our beginning. We were motivated to employ stronger solutions after several Christian church websites fell victim to ISIS-sympathetic hackers back in 2015. We learned valuable lessons in the aftermath of those hacking instances and we’ve continued to use our experience to build a more secure platform for churches. Get started with these five tips for better church website security.
#1 – Create strong passwords.
This one seems too simple, but it’s actually an easy first step that can save you a lot of trouble. As of last year, 8% of WordPress hacking attempts succeeded because of weak login information. Creating strong passwords is the first line of defense against potential hackers. To make things even easier, WordPress gives your password a color-coded grade when you create it. Usually, strong passwords include a combination of numbers, letters (uppercase and lowercase), and special characters.
#2 – Apply WordPress core, plugin, and theme updates as they become available
This is another tip that seems too simple to make a big difference. But an ounce of prevention is worth a pound of cure. In the same way that it’s harder to break into a car that’s driven every day, a regularly-updated website is tougher to tamper with than one that sits idle for weeks at a time. Keeping your website on the most recent version of WordPress and consistently updating your plugins and themes is a great way to maintain website security. Processing these updates is simple and can be done in a matter of minutes right on your WordPress dashboard. (Learn how.)
When your website is staying current with new versions of plugins and themes, there are fewer security vulnerabilities for would-be hackers to manipulate. The good news is that if you are already a customer of Five More Talents, we apply your upgrades for you automatically as part of our Managed WordPress Hosting services.
#3 – Manage user accounts and permissions wisely.
As a website admin, you have control over users and what they can access in your WordPress dashboard. There are various levels of access that WordPress users can have. They range from ‘subscriber’ to ‘admin’. If your church website includes a blog, sermon library, or other consistently-updated content sections, you’ll likely have several users who need access to the WordPress dashboard. This is perfectly normal and expected.
However, wisdom is still required to know how many user accounts to set up and what level of access each user account is given. We’ve made an effort at Five More Talents to coach our customers in making smart website decisions like this. If you are a customer and want to get some insight, contact us! Keep in mind that the more users with access to your WordPress dashboard, the more chance there will be for a login mistake.
#4 – Invest in a WordPress Security Plugin for Additional Protection
There are several WordPress plugins that specialize in adding layers of protection to your website. For example, Wordfence and iThemes Security are both great places to start. These plugins can protect you from sophisticated hacking attacks that may slip past other surface-level deterrents. Installing these plugins is worth the investment in the long run. It makes your church website security stronger and allows you to focus on creating content and using your website for outreach. Five More Talents developers have experience with these plugins and can help configure them.
#5 – Use two-factor authentication.
Two-factor authentication is an extra login step that WordPress users can use to increase their login security. Most of the time this involves using an email code to log into the WordPress dashboard in addition to a username and password. Using two-factor authentication adds another layer of protection to your website and ensures that the people accessing your WordPress dashboard are the ones who should be. You can set this up on your WordPress dashboard. If you are a Five More Talents customer, let us know and we can take care of the settings for you!