Even with Imunify360’s protection, you should follow these security best practices to keep your website safe:
✅ Use Strong Passwords
-
Avoid using common passwords like
admin123orpassword. -
Use a mix of uppercase, lowercase, numbers, and symbols (e.g.,
8Xf!jK2@). -
Change passwords every 3-6 months.
✅ Enable Two-Factor Authentication (2FA)
-
In cPanel > Security > Two-Factor Authentication, enable 2FA.
-
This adds an extra security layer by requiring a one-time code when logging in.
✅ Keep WordPress, Plugins & Themes Updated
-
Outdated software is the #1 cause of website hacks.
-
Enable automatic updates in WordPress or update manually via Dashboard > Updates.
✅ Install a Security Plugin for WordPress
-
Use Wordfence, Sucuri, or iThemes Security for additional protection.
-
Configure login attempt limits to prevent brute-force attacks.
✅ Backup Your Website Regularly
-
Use JetBackup in cPanel to automatically schedule backups.
-
Store backups on an external cloud service (Google Drive, Dropbox, etc.).
✅ Secure File & Folder Permissions
-
Set file permissions to 644 and folder permissions to 755.
-
Avoid setting permissions to 777, as it allows unrestricted access.
✅ Enable reCAPTCHA for Login Forms
-
Add Google reCAPTCHA to WordPress, WooCommerce, or Joomla login forms.
-
This helps prevent automated bots from spamming or hacking your site.
✅ Monitor Your Website for Suspicious Activity
-
Check cPanel > Imunify360 > Security Logs for unusual activity.
-
Use Google Search Console to monitor for security warnings from Google.
