VaultPress for WordPress

Using Jetpack for WordPress Security

By:

Aug 3 • Technology • 7732 Views • No Comments

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...Loading...

Editor’s Note: We have discussed security before – yet – challenges will continue for all of us as technology companies and law enforcement play the cat and mouse game with bad actors. Keeping up is an act of futility. However, that is not surrendering. It is simply a call for taking measures to reduce the risk as low as possible. You are likely doing this on your business mobile devices, computers and networks among other areas of technology infrastructure. One of the ingredients that have kept financial professionals from utilizing WordPress has been security concerns. That should no longer be an obstacle.

There have been quite a few words published on WordPress security, from criticisms to recipes for enforcing your web site against the risks of bad actors who may seek to compromise your web site. I have been evaluating the Jetpack suite of tools available within WordPress.org (where you install WordPress on your domain and server). This has been tested across three domains (including my own personal web site) since 2014. What drove me to explore Jetpack?

My Primary Concerns on WordPress

There are many requirements we have to run a business web site. Those range from the design specifications, ability to edit and publish content as well as any governance requirements such as archiving and retention. However, my top priorities for managing a web site revolve around these three areas.

Backup and Restore

Backup needs to be automated, seamless (getting everything, not just content) with restore capabilities. On a WordPress site, you will want to be backing up daily for these components:

  • Theme(s)
  • Plug-Ins
  • The WordPress database for your site
  • Uploads
  • Posts and Pages

These should be one-click to restore if possible, with some technical support for complex scenarios.

Maintaining Updates

Updates are critical in any online environment, not just WordPress. It is similar to your computer operating system (OS) or your smart phone OS. You want to pick your “add-ons” (i.e. apps, plug-ins, etc) carefully. It is critical to keep your OS as up to date as possible (i.e. WordPress version updates) – so choose your plug-ins carefully – selecting those who have a reputation of pacing those updates consistently. Nothing is worse than needing a WordPress update for security purposes and a plug-in breaks and disable some or all of your web site.

Security

Understanding and identifying security risks online is extremely difficult without a team of experts and their systems monitoring the constant stream of threats. I needed a method for being prompted to understand how my web site was at risk and a path to mitigating it without an extraordinary amount of resources.

Jetpack Solutions Tested

Jetpack is an intriguing collection of free and premium tools offered through WordPress for any WordPress site. This is ideal as the folks who build and manage WordPress (Auttomatic) also manage these tools. While there are several handy utilities in Jetpack, a few solved for my core needs outlined above.

Akismet

Akismet Stats on The DigitalFAComment spam was long a plague on WordPress sites, which not only meant the manual labor to mark them as spam, but also avoiding the malware-infected links and code often included in those comment submissions. Akismet automates nearly all spam handling with quite an accurate record. Highly recommended. On my site alone the stats are staggering. (See the screenshot from my WordPress dashboard).

 

VaultPress

Backups were also difficult for me – as manually running them, or having to export them to third party destinations and manage them, was complicated. I need a simple solution. VaultPress solved that equation for me.  Running daily backups as well as having one-click restore access was a problem solver for me. In addition, offering a real-time security scan identifies risks I never would have found (for example. the platform advised me a sample file in a plug-in I used opened a vulnerability – and that the file was safe to delete with a click).

Protect

A weak link is often the WordPress login. This is where brute force attacks have often occurred. One obvious tactic is changing the administrative username from admin to something else and using a strong password. However, Protect, free inside Jetpack, also adds an additional layer protecting your login function. In my case, 954 malicious login attempts had occurred over the evaluation period).

My Outcome on WordPress

These tools worked quite well and I have chosen to invest in them for my web site as well as recommending them to others. I have outlined below the costs of what I opted for as well as links to those specific services.

  • The Akismet-VaultPress bundle is optimal here – providing backup/restore, spam filtering as well as security checkups and one-click fixes. This is $29 per month per website.
  • Protect is free within Jetpack (which is also a free framework plugin)

 

 

Blane Warrene

Blane Warrene co-founded Arkovi Social Media Archiving (acquired by RegEd in 2012). He continues advising financial advisors and financial institutions with QuonWarrene, a company he founded with Neal Quon. He speaks and writes the digital business model and technology in financial services. Blane is a lifelong musician and lover of history. He serves on the board of the Dennison Railroad Depot Museum, an Ohio national historical landmark. Blane also serves as Editor at Large for The Digital FA.

Facebook Twitter LinkedIn Google+ Flickr Skype 

The above article is for educational purposes only. Investment professionals should consult their compliance departments before accessing or implementing any of the marketing ideas, practices or advice found in the DigitalFA. Your use of the DigitalFA website tells us you have read and agreed to our Terms of Service.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« »