Is WordPress insecure? Not at all! However, an outdated WordPress installation with a weak password and poorly chosen plugins is definitely insecure.
It’s often said that “security is a process”, and the security of your own site starts with you installing the WordPress. Why should you care about security from day one, when your website is brand new and only your mom reads it? What should you do yourself, while your site grows, even if you do not (yet) have the budget to hire experts? How can you make your visitors browsing safer? How can you minimize the chance you site got hacked?
In this talk I will go over some best practices you can implement to make your website safer and why you should care about them. None of these require a single line of code, only some common sense and understanding what is right and what should be avoided as a behaviour while you manage your site.