Leaving your WordPress site unsecured leaves you, your users, and your data vulnerable to attack. Luckily, with some basic site configuration, code updates, and free plugins, you can make an existing or brand-new WordPress site much more secure. Beginning with the basics (your backup/restore and password settings), author Jeff Starr explains how to harden WordPress by setting up user roles, configuring authentication keys, and setting proper file permissions. Plus, discover advanced WordPress security techniques to monitor user activity, implement a firewall, prevent spam, and block bots, and learn best practices for reporting vulnerabilities to WordPress and auditing your site.