WordPress is the most popular blogging platform in the world. Millions of websites including various popular blogs are using WordPress as a content publishing platform. So, hackers are very interested in hacking WordPress sites. Below are 10 tips that can help you tighten the security of your WordPress site.
Never Use “Admin” As The Username on any of your WordPress sites. The main targets of this botnet threat are people who use “admin” as their username and also those who use common usernames like Admin, 123456, 666666, 111111, 12345678, qwerty, password, 123qwe, 123admin etc. Hide your usernames. If usernames are exposed, brute force attack can be launched on your website.
Use A Strong Password for your accounts or change your password on a regular basis. Many recommend a password with 8 or more characters that are a combination of upper and lower case letters and preferably with one or two numbers and symbols. The idea is to make it difficult for hackers to guess. Make your passwords strange words that are not familiar with your habits, name or birthday.
Always Update Your WordPress site to the latest version. The moment you realize that an updated version of WordPress engine is realized, just click update. With every new WordPress update, the security bugs for the previous release becomes public information and so it becomes a feasting period for hackers. Every single engine that has not been updated becomes a prey. So always update your WordPress to the latest version to make sure that you are protected against any known security bugs.
Keep Your Computer Clean and free from virus. For those who personally do posting on their websites, all a hacker needs is a keylogger on your computer. So update your operating system as often as updates are released. Use an antivirus, get one with a license & update it daily. Use trusted and verified internet connection while logging into your WordPress. Be careful of Internet connections; like airport wifis, cafés and unknown wifi’s because there is an attack called evil twin that mimics a real wifi connections and traps details being transferred over the network.
Backup Your Website on a regular basis. Backup your WordPress regularly. Bi-weekly if activities are frequent and monthly if otherwise.
Scan Your Website and clean up unused files.
Update Plugins as patches are released and delete unused plugins.
Limit Your Login Attempt with tools like “wp limit login attempts” and “login lockdown”.
Use A Secure Host. A lot of WordPress hacks are through server vulnerabilities. Ensure that your host uses a secured server. Don’t just opt on any host, look out for how secure and reliable they are. Check the footers of host provider for verified security endorsements.
Prevent hackers browsing through your website directories by moving the wp-config.php file into a folder higher than your WordPress installation folder, and add a blank index.php file to directories that should not be available publicly.
GTECH Designs is a Baltimore-based web marketing firm that is committed to helping impact-makers spend more time doing good. For more information, contact us at 410-775-4100, email us at [email protected], or get in touch with us via :