[ad_1]
I want to open a shop to sell my art. I started with WordPress.org free. I’ve used wordpress.org free for about a year on and off.
I have all the pages/functions I would need ( still a wip but mostly functional).
I currently use MAMP to host and it’s not secure.
What are my hosting options? are there any security plugins or options I should be aware of? any plugins to avoid? pls be as brutally honest as possible, thank you!!
Well, MAMP is purely for local development so security isn’t really an issue at that stage of your website journey.
You should ask in r/hosting for suggestions on reliable web hosting companies for WordPress. Many hosting companies provide easy one-click installers to get WordPress setup/running in just a few minutes.
Security plugin: many people use Wordfence.
Other plugins, I’m assuming you know about WooCommerce (to add ecommerce functionality to your website?). You’d then just need a payment processing plugin to be able to accept payments (e.g. PayPal, Stripe etc…). Any other plugins would just be for features/functionality you want to add. For the most basic setup you could run a shop just with WooCommerce & a payment plugin.
Plugins to avoid: any that have very few downloads / bad ratings & reviews / aren’t maintained or kept updated by their developer (it shows when a plugin was last updated on the plugin details page).
Obviously you’ll also need a website theme if you haven’t got one already. There’s plenty of free pre-made themes to choose from, but you may be limited in what you can edit on them without building your own custom theme (probably not a viable option unless you’re a developer or willing to pay someone else to build your website for you).
Once you’ve built your site on your own computer (e.g. by using MAMP, in your case), you can install a plugin like [Duplicator]) to create a backup/installer that you then just upload to your actual web host & run an installer that installs the site for you (just as you have it on your own computer).
I could suggest you take care of the following:
Consider **moving from your local development environment (MAMP) to a reliable web hosting provider** (e.g. like SiteGround, A2, WP Engine, etc.). These hosting providers typically offer built-in security measures and regular backups to help protect your website.
An **SSL certificate** is a must for securing your online shop and protecting sensitive customer information.
Install a **security plugin to enhance the security of your WordPress site**. Popular security plugins include Wordfence Security, Sucuri Security, iThemes Security… but my personal preference is Virusdie and MalCare. These plugins provide features such as malware scanning, firewall protection, and login security measures.
**Keep your WordPress installation, themes, and plugins up to date** to protect against security vulnerabilities. Lately, these vulnerabilities have become more dangerous than ever – vulnerabilities are discovered much more frequently than before, at least on our websites/webshops.
Stick to **plugins from reputable sources**, such as the WordPress plugin repository or well-known developers. Check user ratings, reviews, and the plugin’s update frequency to ensure its reliability. Avoid using outdated or poorly supported plugins, as they may pose security risks.
Choose a **secure payment gateway** that integrates with your online shop. Popular options include PayPal, Stripe, and WooCommerce Payments.
Implement a **regular backup strategy** for your website to protect against data loss. Our backup strategy includes implementing backup plugins like All in One WP Migration Plugin, utilizing the backup services offered by our hosting provider, and incorporating additional backup services such as BlogVault.
Classical one – **use strong, unique passwords** for your WordPress admin account, FTP, and any other access points. This helps prevent unauthorized access to your website.
Assign **appropriate user roles** to individuals who will be managing your online shop. Limit administrative access to trusted users to minimize the risk of unauthorized changes or potential security breaches.
**Monitor your website for any suspicious activity**, such as unauthorized login attempts or unusual traffic patterns. Security plugins and services can help with this, but you can use plugins such as Simply History as well.
Additionally, consider **consulting with a professional web developer or security expert** if you have specific concerns or need further guidance tailored to your unique requirements. They can provide personalized advice and assist with implementing robust security measures for your online shop:
(I have had good experiences with FixRunner.com WP Agency, and they don’t charge you until the task is successfully finished)
If you aren’t technical, then I wouldn’t recommend WordPress. There’s a ton of stuff you need to know how to do when you use WordPress, like security, backup, image optimisation, performance optimisation, SEO, etc, etc. I’d recommend something like Shopify or Squarespace.