How to protect your wordpress site

Are you sure that your WordPress site is 100% secure? Did you take any action to improve the security of your website? If the answer is no, don’t worry. Let’s see how to protect your WordPress site.

WordPress is the popular blog platform. It is one of the reason, hackers attack the WordPress site. If you did not take any action to secure your site, you will the next target for hackers.

 

How to protect your wordpress

How to protect your wordpress site

How to protect your WordPress site

Here are some useful tips to protect your website from hackers.

Never use admin as username for your website

Hackers target the website that uses the username as “admin”. If the username of your website is “admin”, then you have provided half of the information they need to hack the website. It makes their job very easy. Once they got the username, they just have to find your password. Once they get into your website, they can do anything they want. So, never use “admin” as the username of your website.

 

hacking - wordpress-login-attempts-tips-to-secure-wordpress-site

Login attempts

 

 

If you are currently using the username as “Admin”, you can create a new one and delete the admin. Changing the username of your website, increases it security.

Here are the simple steps to create new user profile:

1. Login to your website and click on users.
2. Select “add new” and enter the name.
3. Assign admin role to it.

Once you have made the changes, log out and login again to your website and delete the user which has the username “admin”.

Always update your WordPress

If there is any new update available for your software or plugin, you will be notified when you log in to your website.

New versions are released to introduce brand new features, fix bugs or to patch security holes. So don’t ignore these updates. When you get the notification in admin panel for the latest version, update it.

Update all the plugins

Always update your plugins. Most of the security issue is related to plugin vulnerabilities. So install most trusted plugins, which are updated frequently and give better support.

Remove all unwanted and inactive plugins from your site.

Update your theme

update your theme properly when they release new versions.  Purchase your theme from a known vendor.

When I purchase a theme, the first thing, I checked out who created the theme.Second, are they a known member of the community with an established reputation.

Don’t downloads the free version of premium themes from unknown sites. Sometimes these themes may be infected by malware and destroys all your sites.

Remove all unused themes from your site.

I would recommend using a theme come with a good framework. That will assure double security at your site. You can use Genesis Framework or woo themes for the same.

Limit the Number of Login Attempts

Limit the number of login attempt to your site to protect from a botnet attack. You can use Limit login attempt or Better WP Security for the same. If someone is trying to guess your password, it will stop them from doing so.

Better WP Security is all in one security plugin which scans, secure and recover yourWordPress site. It is now renamed as iThemes security plugin.

There are several plugins available to secure your WordPress site. Here, I am say explain about the iThemes security plugin. iThemes security plugin was previously called as “Better WP Security”.

Once you install the plugin, you will receive the notification as shown in the image below. Just click on “secure your site now”.

There are many security options available in this plugin. However, we will discuss only the important things here.

Change your admin URL of your website. By default, the admin URL will be www.abc.com/wp-admin. Change this URL to something of your preference. To change this click on “Your WordPress area is no hidden” and select fix it. You will get a new window and you need to check “hide backend”. Enter the new URL of your website through which you will log in to your website.

Change the database of your site. By default, your database will be wp_something. Click on “Your blog prefix should not be wp” and rename it. A random prefix will be assigned to your website.

These the basic and important steps to secure your website through this plugin.

If you are looking for more advanced security, try Sucuri.net. This is the best malware scanning and clean-up service on the web. You can choose an optimum plan for your site.

Use a Complex Password

Use a complex password for your site. Use a combination of uppercase, lowercase letters, digits and special characters. If you are using WordPress.com enable two-step authentication.

You can use keepass , a free open-source software to generate more complex passwords for your site.

 

Backup your Site Regularly

The regular backup will save all your data when your site gets hacked. You can restore all your posts, comments and pages from this backup.

Use WP-DBManager plugin to backup your database regularly. If you want to back-ups your entire WordPress installation like Widgets, themes, plugins, files and SQL database, use BackupBuddy.

No matter, what kind of site you are running, stay vigilant and keep updated !

Comments

  1. Hi Umapathi,
    I am so glad again to be here,
    Yours indeed a wonderful site with lot of information on wp and other blog related tutos. I a new to wordpress and still in the learning stage.
    Thanks for sharing
    Have blessed day
    ~ Philip
    PS: Hey why the right click has been disabled?
    If keep open it will be good for the commentaters to comment without typos!
    Thanks
    Philip Verghese Ariel recently posted…Philipscom Invites Guest Posts – Be Our Guest And Write For UsMy Profile

Speak Your Mind

*

CommentLuv badge

error: Content is protected !!