Here’s to a more proactive, fresh, secure, and spam-free WordPress website in 2024!
Want to sleep soundly at night? Do the following things. 🤓
1. Install an Anti-Spam Comments Plugin
I recommend Advanced Google reCAPTCHA to block spammers from blowing up your comments.
Check out the comments section at the end of this post to see how it works!
2. Prevent Hackers From Getting Into Your Website
In addition to the Advanced Google reCAPTCHA plugin I mentioned above, which adds a ReCAPTCHA to your website login screen, you can also add more security measures such as two factor authentication (2FA).
My personal favorite plugin is WP 2FA, which is free and simple to set up. It uses 2FA app such as Authy, so you can verify on your phone or other device that it is really you trying to log in. Otherwise, your website will be like Fort Knox!
3. Prevent Spam Form Submissions
If you’re using Elementor (and you should be), installing RECAPTCHA on your contact forms is pretty simple and will save you from future headaches. Review this Elementor tutorial here to get started.
4. Ensure That Your Website is Accessible
Accessibe is an easy plug-and-play solution to add an accessibility widget to your website.
- It’s the right thing to do: brands that prioritize accessibility and inclusion send a clear, positive message that they care about all members of their communities.
- Optimize your website’s reach: reduce bounce rates and maximizes your site’s reach with enhanced search visibility.
- Mitigate Legal Risk: In 2021, the number of web-related lawsuits in the U.S. saw a 320% increase over the past eight years; the average settlement costs around $30,000.
- Receive tax incentives: Up to a $5,000 tax credit available to business owners that invest in accessibility.
Learn more about Accessibe and how it works here.
5. Secure Your Emails
*insert Hillary Clinton joke here*
Updating your DKIM (Domain Keys Identified Mail) settings and adding a DMARC (Domain-based Message Authentication) record is the single best thing you can do to protect against spoofing, phishing, and help prevent your emails from being marked as spam by your clients or customers.
To turn these on for your domain, learn how to do this in Google Workspace (GSuite) here.
These are essentially just DNS records for your domain, as well as some settings within your email service provider (i.e. Google Workspace, Office365, etc).
If you don’t want to deal with any of the above, that’s totally understandable. Schedule a chat with me and we can discuss how I can help get you squared away 🙂