Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

WordPress How to Make a Website with WordPress Plugin Best Practices Common WordPress Plugins

Carl Sergile
Carl Sergile
16,570 Points
Posted by Carl Sergile
Carl Sergile
16,570 Points

Security

Hey is there any security plugins that might be required for WordPress or is WordPress pretty much secure enough on its own?

4 Answers

Sue Dough
Sue Dough
35,800 Points
Sue Dough
Sue Dough
35,800 Points

Nothing is 100% secure. WordPress just had multiple vulnerabilities in the latest versions. However its generally pretty secure. Nothing is bullet proof and most software is going to have security issues. The reason why a lot of WordPress sites get hacked is because they are using poorly coded plugins/themes. It is rarely because of WordPress however when it is its usually because the person has not updated the version for a long time. Security plugins can only do so much, they can't protect you from bad themes/plugins. Once your hacked, the security plugin can't do sh*t. Your best option is to test with security tools against your site. You can run wp-scan against your site which is a ruby tool. It will look for security issues and let you know about them. You can also hire penetration testers and white hat security researchers.

Firetoss Firetoss
PLUS
Firetoss Firetoss
Courses Plus Student 1,960 Points
Firetoss Firetoss
Firetoss Firetoss
Courses Plus Student 1,960 Points

Wordfence https://wordpress.org/plugins/wordfence/

Sucuri https://wordpress.org/plugins/sucuri-scanner/

Firetoss Firetoss
PLUS
Firetoss Firetoss
Courses Plus Student 1,960 Points
Firetoss Firetoss
Firetoss Firetoss
Courses Plus Student 1,960 Points

You always update core and use well coded plugins. As well as keep your plugins updated.

Carl Sergile
Carl Sergile
16,570 Points
Carl Sergile
Carl Sergile
16,570 Points

Hey guys, Thanks for clearing this up for me! I have a new found trust in WordPress! So basically if you keep up with updates and site up keep then your site is less likely to get hacked.

So guess I will be updating very frequently then.

Bonus Question: Is there a way that you guys know to update your theme automatically? So that way you don't have to do anything and WordPress will take care of its self.