Keeping your WordPress website safe and secure




SEO is a slow process – it takes lots of time and hard work to reach the first page. Unfortunately, it doesn’t take much for your rankings to drop if Google’s algorithms detect an issue with your website. For example, a hacked site will quickly be flagged by Google and will drop in rankings, or be removed from result pages if the problem is severe. This will take a long time to recover in rankings.

Ning Song, a software engineer at Google wrote a blog post in October last year detailing the changes to the algorithms that target hacked spam in search results:

“We are aggressively targeting hacked spam in order to protect users and webmasters.

The algorithmic changes will eventually impact roughly 5% of queries, depending on the language. As we roll out the new algorithms, users might notice that for certain queries, only the most relevant results are shown, reducing the number of results shown

This is due to the large amount of hacked spam being removed, and should improve in the near future. We are continuing tuning our systems to weed out the bad content while retaining the organic, legitimate results.”


It is undoubtable that since then Google has refined its algorithms to target hacked content. Fortunately if your site is on WordPress there a few easy steps you can take to prevent hackers and vulnerabilities from having a negative impact on your rankings. These simple suggestions could potentially save your time, rankings and revenue in the long run.

Take a look at our suggestions below:

Keep your WordPress version up to date



WordPress regularly releases new versions, often including bug fixes and new features that will help to improve your website. You or your site administrator will typically receive an email if a new update is available, or if WordPress has automatically updated – so you will have plenty of notice when a new version is released. It is important to keep WordPress up to date to avoid potential vulnerabilities that a hacker could exploit.

As a precaution, you should take a backup of your website before updating WordPress in case of incompatibilities with any themes or plugins that you’re using, as these may not yet have been updated to work with the new version of WordPress. If you’re not sure about updating WordPress, speak to your site administrator.

Make sure your theme is up to date



Just like WordPress, your theme may also be updated regularly. You can check if a new version of your theme is available by going to your WordPress dashboard and checking your available updates, or checking your themes page. This is part of the essential framework of your website, so again it is important that you take a backup before updating your themes.

You should also remove any unnecessary themes that aren’t in use on your website, as these can quickly become outdated and create vulnerabilities in your website. Take a look at the example site below:




In this case, Executive Pro and Genesis are both in use, but the others are not. Default themes such as Twenty Fifteen, Twenty Fourteen etc. are typically left hanging around on WordPress sites. These optional themes are added when WordPress is first set up – so unless you’re using them you should remove them as a matter of safe practice. Fortunately these are easy to remove, just click on the themes and delete the ones that are not in use. Make sure you do not delete the active themes that are being used!

Keep an eye on your plugins



Plugins are great – they can add new features to your site and provide easy customisation. However, these can easily get out of hand. Ideally you shouldn’t have lots installed on your site. The more plugins you have, the more updates you will need to run to keep them in check. This will also mean a higher chance of incompatibilities between plugins, themes and WordPress, leaving your site vulnerable to hackers and potentially causing other issues.

A quick recap

  • Take backups before updating
  • Make sure WordPress is up to date
  • Update your themes and remove any that are not in use
  • Keep your plugins up to date and don’t install too many to reduce vulnerabilities

If you would like to discuss this subject or any SEO concerns, contact us today. Keep an eye on our blog for more updates from our SEO Team.