Uncoded WordPress Security FAQ

The world of WordPress security and maintenance can seem daunting – particularly when you have a business to run. At Uncoded, we specialise in the day-to-day maintenance and security of WordPress websites, which allows our clients to save time, regain peace of mind, and ultimately focus on running their business.

To help bring you up to speed, we’ve answered some of the most common questions we encounter.

General WordPress Security FAQ

What is WordPress security?
WordPress Security is the process of protecting your WordPress site from malicious attack, through appropriate protection (restricting access), detection (scanning for malicious activity), and backup (creating a copy you can refer to should the worst happen).
Why is WordPress security important?
A secure WordPress website is fundamental to the safety of your business. You spend hours creating high-quality content and building your online presence, so it’s vital you protect your asset with the appropriate due diligence. Unfortunately, there are some bad folks out there, and websites do get hacked. On average, 30,000 sites are identified every day (source Sophos Labs) as distributing malicious code, which means they’re hacked. The internet is a wonderful way to make a living, don’t let a few bad eggs spoil it for everyone else – fight back with better security!
How will I know if my site is hacked?
Most people don’t realise their site is compromised until it’s too late. An infected website can reveal itself in many ways, such as a drop in search rankings, slow performance, strange text or links appearing in your content, or worst of all, complete deletion of your site.
Is WordPress unsafe?
Some folks like to blame WordPress, but this isn’t necessarily fair. WordPress is an open-source CMS that now powers up to 25% of the web, and while this open-source nature helps to make the platform very powerful and flexible, it does also make the foundations of your site very public.

On the positive side, open-source code means you’ve effectively got thousands of developers on your side working hard to improve it every day, and this includes the security side. You just need to be diligent in making sure you integrate these updates as soon as they arrive.

In most cases, hacks do not happen because of WordPress itself; they occur due to inadequate due diligence, weak passwords, server vulnerabilities, and even poor personal computer security.

How can I 100% secure my site?
No website can ever be 100% secure; if anyone ever promises this to you – they’re lying. The online world changes so quickly, with new threats materializing every day. The only way to completely secure your website from attack would be to take it offline, and disconnect your computer from the internet. Good security is about reducing risk.
Can I secure my WordPress website myself?
Of course you can. If you’re not currently using a basic WordPress security plugin, we recommend you start by installing iThemes WordPress security. This plugin is the tool we use to secure our client websites; even the free version will drastically improve your security. To properly set up and configure iThemes Security, however, takes a lot of time, and some considerable technical chops. If you’re at all uncertain, or just short on time, we recommend you contact us for a free security consultation.
Should I update WordPress as soon as a new version is released?
Yes, everytime. Some folks are scared of updating WordPress for fear it might break their website. And, yes, while there is always a risk that you could lose some functionality, you should always prioritize security. Around 80% of updates are security updates, not functionality upgrades. Also, if a WordPress update fails halfway through, your installation will simply fall back to the previous version – so you needn’t worry about that either. For complete peace of mind, always take a WordPress core backup before updating.
What if my personal computer is compromised with a virus?
Many WordPress hacks happen from the inside – meaning they didn’t break into your site, they just obtained your login directly, through keylogging or other means. Personal due diligence around your personal computer – including strong passwords and appropriate anti-virus software – should be your utmost priority.
I’m on a Mac. Aren’t they more secure?
While it’s true, there are less known threats for Mac computers, this does not make them immune to Malware or other forms of security threat. Besides, if you’re sat in a coffee shop using some free wi-fi, and someone happens to be listening to the network (keylogging everything that’s going on) your website is as good as gone anyway – no matter what system you’re using.
How can I backup my website?
Backup up your website is a vital security measure. iThemes produce a great plugin that will schedule regular backups and email them to you, called Backup Buddy. However, in our experience, it is more secure and efficient to use an off-site maintenance solution, such as Manage WP, which allows you to schedule regular backups and then store them using secure cloud storage, like Amazon S3.

WordPress Security Plan FAQ

Who and what is Uncoded?
In the most basic terms, Uncoded is a couple of guys who put their heads together to help make the internet a better place for people like you!

We don’t think you or your clients should have to worry about hackers, viruses, or any other form of malicious attack. That’s why we take the time to secure your site right the first time and maintain vigilance over your security.

When can you start protecting my site?
We can start as soon as you’d like. Contact us day or night by mail, email, or phone as listed on our contact page.
How do you protect my site?
We use a combination of tools that are known for their reliability, innovation, and constant improvements. These tools are:
After we set these up, we’re constantly monitoring for anything out of the ordinary on your site.
How do you set everything up?
Once you’ve signed up we’ll contact you to get some basic information and then we’ll get to work by doing a complete site backup and proceed to install and configure your site security. After that, you can feel secure knowing we’re watching over your site. If you want to know more, please contact us and we’d more than happy to answer your questions.
Am I locked into a contract?
Not at all, you can cancel your subscription anytime by simply contacting us and we’ll refund any unused portion of your month.
How do I pay?
Currently we only accept payment via PayPal and credit card via PayPal.
Can I upgrade/downgrade my plan?
Of course! Just contact us and we’ll change your plan on your next monthly billing cycle.

Contact us here.

Custom WordPress Security Plans FAQ

What is a custom security plan?
When none of our plans fit into your security needs, we’ll work with you to create a one that fits your site and business needs.
How much does it cost?
While there is no one price for a custom plan, they do start at $299 per month and depends on your needs.
How do I get a custom plan?
It’s easy, just contact us using any method on our contact page and ask about getting one! Please include your security needs and anything else you feel is relevant. Once we’ve looked over what you’ve sent, we’ll contact you for further information and discuss your options. Once you’re happy with the created plan you can sit back and let us get to work!
Am I obligated to keep my custom plan?
Once we’ve created and enacted a plan just for you, we do require you keep it for at least 6 months before you can downgrade to one of our other offered plans. However, in the event you don’t want to change the plan, we’ll work with you to fine tune it and meet your needs.
What additional services can I get with a custom plan?
While this isn’t a complete list, these will give you some ideas of what you can add to your custom plan. If you think of something outside this list just ask us about it. If we can’t do it, we can recommend someone who can.

  • SEO Monitoring & Research

  • Tailored Reporting

  • Guaranteed Service Level Agreement

Want more info?

We’re here to help

Ask Us

FREE! WordPress Security Checklist

Click Here
To Download