{"id":93152,"date":"2026-03-19T05:27:32","date_gmt":"2026-03-19T10:27:32","guid":{"rendered":"https:\/\/www.bricktowntom.com\/blog\/?p=93152"},"modified":"2026-03-19T05:27:32","modified_gmt":"2026-03-19T10:27:32","slug":"10-wordpress-security-best-practices-you-need-to-implement-right-now","status":"publish","type":"post","link":"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html","title":{"rendered":"10 WordPress security best practices you need to implement \u2014 right now\u00a0"},"content":{"rendered":"<p>WordPress is a powerful web application and is used by up to 43% of the internet, to date. But with great popularity comes great threats. With numbers like these, many would-be attackers are constantly on the lookout for weaknesses in <a href=\"https:\/\/www.godaddy.com\/pro\/hosting\/wordpress-hosting\" data-eid=\"procontent.garage.wordpress-security-best-practices.product.link.click\" data-wpel-link=\"internal\" target=\"_self\" rel=\"follow noopener\">your site<\/a> \u2014 a good reason to implement these WordPress security best practices, right now.<\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#WordPress_security_best_practices\" >WordPress security best practices<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#1_Update_file_permissions\" >1. Update file permissions<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#2_Disable_the_xmlrpcphp_File\" >2. Disable the xmlrpc.php File<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#3_Hide_your_sensitive_details\" >3. Hide your sensitive details<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#4_WAFCDN_protection\" >4. WAF\/CDN protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#5_Combat_comment_Spam\" >5. Combat comment Spam<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#6_Enable_CAPTCHA\" >6. Enable CAPTCHA<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#7_Enable_2-factor_authentication_2FA\" >7. Enable 2-factor authentication (2FA)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#8_Change_the_WP-admin_URL\" >8. Change the WP-admin URL<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#9_Add_server-level_protection\" >9. Add server-level protection<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#10_Strong_login_credentials\" >10. Strong login credentials<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.bricktowntom.com\/blog\/03\/10-wordpress-security-best-practices-you-need-to-implement-right-now.html\/#Closing_thoughts_on_WordPress_security_best_practices\" >Closing thoughts on WordPress security best practices<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"WordPress_security_best_practices\"><\/span>WordPress security best practices<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Sans the usual best practices \u2014 like keeping your core files, theme(s) and plugins up to date \u2014 there are also many other factors to take into consideration. File and directory permissions, and more are necessary to keep safe that which you\u2019ve worked hard on and treasure.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"1_Update_file_permissions\"><\/span>1. Update file permissions<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The default file permissions for all files on a WordPress site are typically set to <strong>644<\/strong>. The default directory permissions are set at <strong>755<\/strong>. There are scenarios that warrant differences.<\/p>\n<blockquote>\n<p>For instance, it is a good idea to have your wp-config.php file set to permissions stronger than 644.<\/p>\n<\/blockquote>\n<p>I know of folks who set that file\u2019s permissions to <strong>440<\/strong>. This helps make it harder for the riff raff to access the file. Some people set theirs to <strong>600<\/strong>. That\u2019s fine too.<\/p>\n<p>You can change the file and directory\u2019s permissions via File Manager, in your hosting plan. You can also alter these permissions in your favorite FTP program.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"2_Disable_the_xmlrpcphp_File\"><\/span>2. Disable the xmlrpc.php File<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>What is this file? Well, simply put, the XMLRPC is a system that allows for remote updates to WordPress from other applications. To make sure your site stays secure, it&#8217;s a good idea to disable xmlrpc.php completely.<\/p>\n<p>However, if you need some of the functions necessary for remote publishing and the Jetpack plugin (for instance), you should use a workaround plugin that allows for these features while still fixing all the security gaps.<\/p>\n<p>One plugin that comes to mind is called <a href=\"https:\/\/wordpress.org\/plugins\/disable-xml-rpc\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">Disable XML-RPC<\/a>. This plugin uses the built-in WordPress filter <em>xmlrpc_enabled<\/em> to simply disable the XML-RPC API on a WordPress site. This renders it unobtainable by someone looking to compromise your site.<\/p>\n<p>Another plugin that comes to mind is the <a href=\"https:\/\/wordpress.org\/plugins\/disable-xml-rpc-pingback\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">Disable<\/a> XML-RPC Pingback plugin, which lets you disable just the pingback functionality. This means that you will still have access to other features of XML-RPC if you need happen to need them \u2014 for instance, if you\u2019re running Jetpack. There are other plugins that will also disable this file. See below for more details on that plugin.<\/p>\n<p>Both plugins are easy to use. You just have to install and activate them. They do the rest for you.<\/p>\n<p>In the event that you want to have more control over how the XMLRPC plugin works, you can instead install the <a href=\"https:\/\/wordpress.org\/plugins\/rest-xmlrpc-data-checker\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">REST XML-RPC Data Checker<\/a> plugin. Once installed and activated, you would just need to go to <strong>Settings &gt; REST XML-RPC Data Checker<\/strong>, and then click the <strong>XML-RPC<\/strong> tab.<\/p>\n<p>Once there, you will be able to navigate through the interface to better control the xmlrpc.php file and what it does.<\/p>\n<p>If you already have a ton of plugins and want to avoid installing yet another, you can control the xmlrpc.php file via the .htaccess file by adding this line to it:<\/p>\n<p><strong><em>add_filter( &#8216;xmlrpc_enabled&#8217;, &#8216;__return_false&#8217; );<\/em><\/strong><\/p>\n<p>That will just turn it off altogether.<\/p>\n<p>You can also edit the <strong>.<\/strong>htaccess file with this command:<\/p>\n<p><strong><em>&lt;Files xmlrpc.php&gt;<\/em><\/strong><\/p>\n<p><strong><em>Order Allow, Deny<\/em><\/strong><\/p>\n<p><strong><em>Deny from all<\/em><\/strong><\/p>\n<p><strong><em>&lt;\/Files&gt;<\/em><\/strong><\/p>\n<p>Or have your hosting provider disable the file itself.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"3_Hide_your_sensitive_details\"><\/span>3. Hide your sensitive details<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Once you\u2019ve got your site all dialed in and live, hide certain details from the public eye that might lure someone towards wanting to compromise all your arduous work. A nice plugin for this is called <a href=\"https:\/\/hidemywpghost.com\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">Hide My WP Ghost<\/a>. This plugin is a paid plugin, but it\u2019s worth the coin, and it\u2019s on sale now for a 5-pack license.<\/p>\n<p>This plugin does a fantastic job of hiding your core files, file paths, login page, and more. It performs the following functions, to name just a few:<\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\">Change the wp-admin and wp-login URLs<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Change lost password URL<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\">Hide \/wp-login path<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\">Disable XML-RPC access<\/li>\n<\/ul>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\">Change URLs using URL Mapping<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\">Weekly security checks and reports<\/li>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"1\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559684&quot;:-2,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\">Email support, and more<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"4_WAFCDN_protection\"><\/span>4. WAF\/CDN protection<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>A big step towards protection is blocking people you don\u2019t want to have access to your site, altogether. This can be accomplished via a WAF (web application firewall) combined with a CDN (content delivery network).<\/p>\n<p>Fortunately, GoDaddy offers this type of protection through Sucuri. Once purchased and set up, you can go into the firewall settings and enable GeoBlocking, if you so desire, and block entire countries from accessing your site.<\/p>\n<p>The WAF will also help to speed up your site, since it does a wonderful job of blocking the known bad IPs and allowing the good ones to access your site.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"5_Combat_comment_Spam\"><\/span>5. Combat comment Spam<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Another nuisance is comment form spam. There is a great way to limit or prevent this type of problem. The method I like is to utilize the plugin called <a href=\"https:\/\/wordpress.org\/plugins\/wpdiscuz\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">wpDiscuz<\/a>.<\/p>\n<p>With this plugin, wpDiscuz will take over your site\u2019s commenting and check against a host of bad actors, filtering out bad or malicious comments by forcing the commenter to enter credentials to comment. You get an email sent to you with each successful comment on your site, so you can then moderate further, if needed.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"6_Enable_CAPTCHA\"><\/span>6. Enable CAPTCHA<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>It is highly recommended that you also enable <strong>CAPTCHA<\/strong> on all forms on your site(s). This will aid in the prevention of form spam. There are several types of CAPTCHA additions out there. Some ask the user to solve a math equation, some have a puzzle to solve, others have you select a series of pictures, and there are more variations.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"7_Enable_2-factor_authentication_2FA\"><\/span>7. Enable 2-factor authentication (2FA)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>A tried-and-true way of keeping out the knuckleheads out there who would seek to do your site harm is to enable 2-factor authentication on every user of your site. If you are on your site all the time, it can be a mild inconvenience to have to enter the 2FA each time you log in. But that is a small price to pay for the security of your site.<\/p>\n<p>A good plugin that can be used to enable 2FA is <a href=\"https:\/\/wordpress.org\/plugins\/wordfence\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">Wordfence<\/a>. Just install the plugin and <a href=\"https:\/\/www.wordfence.com\/help\/tools\/two-factor-authentication\/\" data-wpel-link=\"external\" rel=\"nofollow external noopener\">go to this article<\/a> to see how to enable it.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"8_Change_the_WP-admin_URL\"><\/span>8. Change the WP-admin URL<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>The default admin URL has been the same, on WordPress, for years. All bad actors know it and routinely attempt to gain access to your site via said URL. The above mentioned Hide My WP Ghost plugin does a great job of obscuring this URL by simply changing it.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"9_Add_server-level_protection\"><\/span>9. Add server-level protection<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>If your WordPress site is hosted on a server, you can enable other security features that will help keep your site safe. One such feature is in WHM. You can help prevent or limit the possibility of an AnonymousFox compromise by simply turning off <strong>Reset Password for cPanel Accounts<\/strong> and <strong>Reset Password for Subaccounts<\/strong>.<\/p>\n<p>Simply go to <strong>WHM<\/strong> &gt; <strong>Tweak Settings<\/strong> &gt; search for <em>password<\/em>. From there, for the <strong>Reset Password for cPanel Accounts<\/strong> and <strong>Reset Password for Subaccounts<\/strong> features, select <strong>Off<\/strong>. This will help in preventing a bad actor from accessing \u2014 and then changing \u2014 the cPanel and subaccounts passwords.<\/p>\n<p>The second thing you\u2019ll want to do, if your site is hosted on a server, is to disable shell access to all your cPanel accounts. Just go to <strong>WHM<\/strong> &gt; <strong>Manage Shell Access<\/strong> &gt; <strong>Disable Shell<\/strong> for all cPanel accounts.<\/p>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"10_Strong_login_credentials\"><\/span>10. Strong login credentials<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Last among our WordPress security best practices, but certainly not least, always use strong passwords and obscure usernames. I can\u2019t tell you how many times I\u2019ve come across passwords like <em>Password123!<\/em>. Another common mistake is making the username something relative to the site itself.<\/p>\n<blockquote>\n<p>If you want to get compromised, that is a sure-fire way to do it.<\/p>\n<\/blockquote>\n<p>Long and randomly generated passwords, in conjunction with usernames that have nothing to do with the site, are always your best combo.<\/p>\n<p>Another great idea is to continually change your passwords. It might seem like a pain, but that pales in comparison to getting hacked. How often you change your passwords is up to your discretion. \u2014 just as long as you do. (You\u2019ll be glad you did.)<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Closing_thoughts_on_WordPress_security_best_practices\"><\/span>Closing thoughts on WordPress security best practices<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>All in all, you have worked so hard for your intellectual property (or your client\u2019s). Why not keep it safe? These few, but helpful, WordPress security best practices can go a long way toward a successful and compromise-free website for years to come.<\/p>\n<p>The post 10 WordPress security best practices you need to implement \u2014 right now\u00a0 appeared first on <a rel=\"follow noopener\" href=\"https:\/\/www.godaddy.com\/garage\" data-wpel-link=\"internal\" target=\"_self\">GoDaddy Blog<\/a>.<\/p>\n<p>Source: Go Daddy Garage<\/p>\n<p id=\"kc_opp\"><small>Republished by  <a href=\"http:\/\/www.blogtrafficexchange.com\/\">Blog Post Promoter<\/a><\/small><\/p>","protected":false},"excerpt":{"rendered":"<p>WordPress is a powerful web application and is used by up to 43% of the internet, to date. But with great popularity comes &hellip;<\/p>\n","protected":false},"author":1,"featured_media":93153,"comment_status":"false","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[23511],"tags":[126],"class_list":["post-93152","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ebusiness-emarketing","tag-information"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/06\/computer-gbdcf80176_12801-300x196-1.jpg?fit=300%2C196&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p3k0YU-oes","jetpack-related-posts":[{"id":93889,"url":"https:\/\/www.bricktowntom.com\/blog\/04\/guide-to-wordpress-security.html","url_meta":{"origin":93152,"position":0},"title":"Guide to WordPress Security","author":"admin","date":"April 1, 2026","format":false,"excerpt":"A great-looking, high-performing website can be the key to success online, and WordPress checks all the boxes. It\u2019s almost infinitely scalable and capable of nearly endless functionality. However, as with any website, WordPress requires security measures to keep it online and running at its best. This WordPress security guide will\u2026","rel":"","context":"In &quot;E-business &amp; E-marketing&quot;","block_context":{"text":"E-business &amp; E-marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/ebusiness-emarketing"},"img":{"alt_text":"WordPress Security","src":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/10\/0-0-0-0-AWordPress-Security-3452925911.jpg?fit=400%2C267&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":93640,"url":"https:\/\/www.bricktowntom.com\/blog\/04\/wordpress-best-practices-for-a-successful-website.html","url_meta":{"origin":93152,"position":1},"title":"WordPress best practices for a successful website","author":"admin","date":"April 14, 2026","format":false,"excerpt":"WordPress is fun yet powerful. And there are so many things you can do with it. But don\u2019t just leap in with both feet and start WordPressing with reckless abandon. There are best practices one needs to partake in to ensure your WordPress site is dialed in and safe, to\u2026","rel":"","context":"In &quot;E-business &amp; E-marketing&quot;","block_context":{"text":"E-business &amp; E-marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/ebusiness-emarketing"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":92795,"url":"https:\/\/www.bricktowntom.com\/blog\/04\/woocommerce-wednesdays-how-to-sell-digital-products-with-woocommerce.html","url_meta":{"origin":93152,"position":2},"title":"WooCommerce Wednesdays: How to sell digital products with WooCommerce\u00a0","author":"admin","date":"April 1, 2026","format":false,"excerpt":"On the surface, selling digital products with WooCommerce doesn\u2019t seem much different than selling physical goods. You need to create a website detailing your products, drive relevant traffic to said site, and convert the visitors into customers. However, there are some key distinctions that require consideration. Whether you sell software,\u2026","rel":"","context":"In &quot;E-business &amp; E-marketing&quot;","block_context":{"text":"E-business &amp; E-marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/ebusiness-emarketing"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/04\/mobile-phone-1875813_12801-300x200-1.jpg?fit=300%2C200&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":92805,"url":"https:\/\/www.bricktowntom.com\/blog\/03\/the-advantages-drawbacks-of-hosting-websites-for-clients.html","url_meta":{"origin":93152,"position":3},"title":"The advantages &amp; drawbacks of hosting websites for clients\u00a0","author":"admin","date":"March 24, 2026","format":false,"excerpt":"Once you get into a steady rhythm of site-building gigs, it\u2019s a good idea to look for other sources of recurring revenue. In fact, one sits right under your nose. You might be hosting those sites on your clients\u2019 plans or even shopping providers for them, but have you ever\u2026","rel":"","context":"In &quot;E-business &amp; E-marketing&quot;","block_context":{"text":"E-business &amp; E-marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/ebusiness-emarketing"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":92922,"url":"https:\/\/www.bricktowntom.com\/blog\/04\/why-third-parties-are-taking-an-interest-in-your-clients-website-security.html","url_meta":{"origin":93152,"position":4},"title":"Why Third Parties Are Taking an Interest in Your Client\u2019s Website Security","author":"admin","date":"April 4, 2026","format":false,"excerpt":"Website security is serious business. That\u2019s not news to most web designers. It\u2019s something we have to account for in how we build, the hosting company we use, and the software we trust. And while there are plenty of best practices to follow, securing a website is a major challenge.\u2026","rel":"","context":"In &quot;Affiliate Marketing&quot;","block_context":{"text":"Affiliate Marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/affiliate-marketing"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/05\/third-party-web-security-02.jpg?fit=900%2C400&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/05\/third-party-web-security-02.jpg?fit=900%2C400&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/05\/third-party-web-security-02.jpg?fit=900%2C400&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/05\/third-party-web-security-02.jpg?fit=900%2C400&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":92646,"url":"https:\/\/www.bricktowntom.com\/blog\/03\/why-you-should-be-manually-updating-wordpress-for-clients.html","url_meta":{"origin":93152,"position":5},"title":"Why you should be manually updating WordPress for clients\u00a0","author":"admin","date":"March 23, 2026","format":false,"excerpt":"WordPress has a host of very cool automated features at its disposal, like auto-posting, security scanning, site health checks, and auto updates. So why would you want to interfere with automation and start manually updating WordPress for clients? Well, sometimes automation can go sideways and cause more harm than good.\u2026","rel":"","context":"In &quot;E-business &amp; E-marketing&quot;","block_context":{"text":"E-business &amp; E-marketing","link":"https:\/\/www.bricktowntom.com\/blog\/category\/ebusiness-emarketing"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.bricktowntom.com\/blog\/wp-content\/uploads\/2022\/04\/occupational-safety-1038550_12801-300x200-1.jpg?fit=300%2C200&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/posts\/93152","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/comments?post=93152"}],"version-history":[{"count":4,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/posts\/93152\/revisions"}],"predecessor-version":[{"id":102510,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/posts\/93152\/revisions\/102510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/media\/93153"}],"wp:attachment":[{"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/media?parent=93152"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/categories?post=93152"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bricktowntom.com\/blog\/wp-json\/wp\/v2\/tags?post=93152"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}