Why Secure WordPress Site Setup is a Must-Have Skill for Designers

A purple-and-blue framed box with the WordPress Logo and a green lock over it and the words "Secure WordPress Site Setup - Wyy It's a Must-Have Skill for Designers"

Secure WordPress site setup is a must-have skill for designers and website owners.

In this post I’ll share why it’s important for WordPress sites to be secured from the root up and where to find the the training to do the job properly.

WordPress is Most Popular CMS

Once upon a time it was simple and fun to set up a WordPress blog.

Choosing plugins and themes became the main focus for web designers and site owners alike. Most site owners and many web designers didn’t think twice about site security.

As an open source content management system (CMS), WordPress has grown into the most-widely used platform in the world.

W3Techs (a company that monitors web technology usage) cites that WordPress powers over 43% of websites.

The problem is that as the market share has grown, so too have the opportunities for hackers. That makes WordPress a natural target for security exploits since it’s inception.

Since 2003 WordPress has continually hardened its core software to mitigate common security threats. (You can learn more about WordPress core security here.)

WordPress Site Design is So Much More Now

I fell in love with WordPress when I set up my first blog.

I loved experimenting with themes and plugins, enjoyed writing blog posts and tutorials, and soon became hooked on the WordPress platform.

But I didn’t know what I didn’t know!

It was no longer enough to know how to install WordPress and activate a theme.

Yes, creating a beautiful website is fun and rewarding! Clients should be proud of their websites and designers should be proud of the work that we do for them.

But responsible web design means that you as web designer has taken every precaution to keep your client’s site secure, updated, and performing well.

The Search to Find WordPress Training

And there wasn’t any one place to find the training I needed.

So I began to search the web for tutorials, courses, webinars, and whitepapers on how to do a secure WordPress site setup.

As I educated myself about WordPress, I soon learned that security has always been a concern for the WordPress community and core developers.

But it became confusing to understand exactly how to secure a site and what best practices should be implemented. This was due to all of the hacks, well-meaning posts, and advice from colleagues and online gurus that my research turned up.

For years I documented everything I learned about WordPress security.

I even compiled a post to help folks with steps they could take to secure their WordPress site.

And I continued my search to stay on top of best practices for WordPress security and performance. But was it enough? Was I on track?

BlogAid to the Rescue!

That’s when I discovered MaAnna Stephenson of BlogAid. I initially saw MaAnna pop up in WordPress Facebook Groups and forums I joined, and I was impressed with her critical thinking and laser focus.

I also appreciated her ability to cut through the noise and lead others to the right choice regarding their WordPress sites.

So I subscribed to MaAnna’s weekly newsletter, BlogAid News, and started following her on social media.

As a web designer, I realized that there was definitely value in educating myself in order to confidently and competently expand the services I was selling.

But First I had to Start with My Own Site Audit

In fact, I was so impressed that many years ago I hired MaAnna to do a site audit for my business site.

It was actually quite a learning experience, and together we dug into my website, its plugins, the server and more.

And she told me that my security setup was “a mess.” (She will tell it to you straight!)

Looking back, I wasn’t one bit surprised. There were so many articles out there on website security that I found myself trying to incorporate most of what I read. A bit of code here, a blocked IP there, an .htaccess directive…

My behemoth setup included things like bloated third-party plugins that managed my website security, a convoluted .htaccess file (the file that controls the configuration of the website) and directives that could even lock me out of my own website while I was traveling.

Yikes! Yes, it was all secure, but difficult to  manage!

After that site audit, I was determined to educate myself and continue in ongoing education so that I would be a more efficient webmaster.

What Site Owners and Designers Need to Know

As I soon learned, secure WordPress site setup includes:

  • setting up a site from scratch (that means installing WordPress manually, not using the one-click install offered by most hosting companies)
  • securing the host root account by locking down critical root files
  • creating a database manually
  • configuring site settings for security
  • setting the site up under SSL
  • ensuring only one site per cpanel account
  • improving security and performance through Cloudflare or another CDN
  • blocking bad bots that chew up hosting resources
  • installing well-optimized and maintained plugins
  • preventing brute force attacks
  • installing a firewall
  • prohibiting directory browsing of critical WordPress files
  • periodic site audits to ensure everything is working as expected
  • and so much more!

Secure WordPress site setup also means a self-hosted or managed site.

When you build a site on Wix or Squarespace, you are handing everything over to a third party. Should those companies go out of business, there goes your website right along with them.

Where to Learn Secure WordPress Site Setup

As a designer, I’ve always been very good at understanding client requirements and translating that into a functional and pleasing website design that my clients were happy with.

But I just couldn’t keep on top of breaking news and information that was critical to my business.

And so I began to search for some sort of ongoing training that would benefit me and keep me up-to-date with the latest and greatest on WordPress, SEO, Google trends and more.

Seeing the value that MaAnna had provided me, her clients, and the broader WordPress community, it was a no-brainer for me to sign up for her Webmaster Training so that I could provide more of that same value for my own clients.

MaAnna has created an outstanding library of training to help web designers and site owners just like you and me do the job right in the back-end. 

I’m willing to bet that there are many designers out there who have struggled with similar issues.

Disclaimer: As a side note, I am not an affiliate nor am I compensated in any way for writing this article or recommending MaAnna’s programs.

I’m just a proponent of bringing excellence to every job I do for every client that hires me.

And that means I must commit to ongoing training from trusted and vetted sources like BlogAid.

It Takes a Village — So Why Not Join One?

As part of Webmaster Training, I have access to an exclusive Facebook Group of like-minded webmasters who take their roles seriously and want to have an arsenal of training, support, resources, colleagues, and more at their disposal.

This Facebook group includes live workshops and group chats where we support and help each other.

It is a rich community of people with specialized skill sets that I feel confident hiring. And they have hired me as well.

Stay Ahead of the Curve

HTTPS, Gutenberg, PHP 7.3+ — you name it, we need to know it, deal with it, and stay ahead of it before it turns around and bites us or crashes our clients’ sites.

There is no such thing as complacency when you work in technology.

You will never know everything, but you can posture yourself as an educated and competent webmaster by doing all you can to stay current with technology trends and best practices.

MaAnna’s self-paced training is continually updated and will appeal to all skill levels.

The Results are In — Immediate ROI

I’m happy to report that the investment in this training has skyrocketed my business. In fact, the return on my investment was immediate and has paid for itself over and over again.

If you have been like me searching all over the web for comprehensive, up-to-date training that will boost your webmaster skills to the next level, then look no further than BlogAid’s Webmaster Training.

If, on the other hand, you’re a site owner who would rather hire someone to take care of your website security and performance, please contact me for an initial consult.

Together we’ll come up with a plan to secure your site from the root up so you can rest assured that your site is meeting WordPress best practices for security and performance.

Over to You

I hope you have a better understanding as to why secure WordPress site setup is so important for web designers and site owners  to know.

I’m happy to answer any questions you may have. Just leave a comment below!

How do you stay on top of emerging technology trends with WordPress, Google, SEO and more?

Have you found training that works for you?

I’d love to hear about your experience with this. Please share in the comments below!

Print Friendly, PDF & Email

About The Author

Leave a Reply

Inline Feedbacks
View all comments
3 years ago

How much of this should web designers be expected to provide as a free “standard” service, and what can we reasonably offer as premium add-ons. Because from what I’m reading, proper site security is a time-consuming process.

Lin Pearson
3 years ago

I have to agreee with everything you say here, Michelle. Blogaid and MaAnna have been such a blessing to me, also. As a DIY site owner, suffering from “self-taught syndrome”, I didn’t know how to improve my dull and unattractive site. Thanks to the Blogaid training I began to understand where I had gone wrong. So I started another site from scratch. I was also glad to have you on board, Michelle, Your design skills beautifully interpreted my tentative ideas, as did the extras that you suggested and implemented. I don’t know how I would have managed, without MaAnna at… Read more »

3 years ago

Michelle, thank you so much for your kind words and helping more designers find the help they need to keep up with the changing online landscape. I agree that it used to be simple and fun to set up a site – no tech skills required. But those days have been over since 2013 with all the huge DDoS attacks that brought many hosts to their knees – for 8-10 days! And while reputable hosts have tightened their security, most site owners haven’t kept pace. That’s especially dangerous for the millions of site owners on shared hosting where the security… Read more »

Scroll to Top