Is a very simple theme secure enough?

If you follow the guidelines of the Codex for Themes (start here: https://codex.wordpress.org/Theme_Development ), and ensure that any user-supplied input (if any) is sanitized, then a theme will be secure.

This also assumes that you have done basic security on your install. For instance:

  • strong passwords on all accounts
  • create an admin account without the ‘admin’ name
  • take the first user account and demote it to subscriber (not an admin)
  • strong passwords for your hosting account
  • strong passwords for any FTP users on your hosting account
  • keeping all plugins current/updated
  • updating WordPress to current levels
  • use latest PHP version on your site

Then your site will be less susceptible to attack. You’ll also find lots of security guidelines via the googles. Look at them carefully and apply those that are needed.

error code: 523