There is absolutely no proof that WordPress is any less secure than any other website site. The truth is, all sites are vulnerable to security breaches, including but no especially WordPress. Because of its sheer volume of WordPress websites on the web (about 28% of all sites), it attracts attackers. But WordPress is not a new platform. During its decade-long evolution, WordPress has released a number of informative security tutorials as well as reliable security plugins. And as WordPress continues to grow and mature, the security plugins only get more advanced resulting in decreased unlocked hacks. Each new update brings tougher security measures and features.
However, the true security of a WordPress site comes from the admin’s ability to consistently update themes, plugins, and add-ons and maintain backups. Admins should also create complex passwords for all users and change them often ( at least every 90 days). Nearly 80% of actual security threats and infections are due to a vulnerability caused in outdated software/password exploits. A digital experience platform like that offered by WP Engine is guaranteed to ensure indestructible security for your WordPress site.* Our In-House Web Hosting also provides world-class security to help keep things secure.
If keeping things up to date is something you find hard to fit into your schedule I provide monthly maintenance plans. I will install a plugin that will email me when something needs updated. I will then go in and make a full back up of your site, safe it offline and then update your plugins, themes and WordPress versions. I then test it to make sure nothing broke. Having a WordPress website on my monthly maintence plan gives you the piece of mind to know its always up to date and always secure.
There are a few plugins I always suggest to keep your website secure and running well I will be discussing this more in a futureblog post.
Source: WP Engine