Improve WordPress security with this step by step guide to secure your WordPress site. Improving WordPress security helps in securing your website from being hacked.
1. Vivekanand Arumanda January 14, 2018
Improve WordPress Security How to
technozam.com/improve-wordpress-security/
Improve WordPress security a step by step guide. WordPress is one of the prominent
blogging platforms for self-hosted blogs. When compared to other platforms like Blogger,
Joomla, and Drupal as it is a leading platform many hackers try to hack your WordPress
blog for the sake of money or bragging rights. As a responsible website owner, your duty is
not only to create good content but also to protect your blog from hackers so that your hard
work wouldn’t go in vain. As a website owner, it’s your responsibility to secure your site and
to maintain it properly. Before going through this tutorial, please do read my previous posts
about Advanced WordPress security tips and Best WordPress Security Plugins To Protect
WordPress Blog.
Most hackers try to hack your blog with these vulnerabilities.
Through WordPress Theme
Through Passwords (Brute-force Attacks)
Through WordPress Plugins
How To Improve WordPress Security Step By Step Guide
1. Never Use Admin As Your Username and Passwords
In previous versions of WordPress we use to get admin as the default username, but now
for the present version of WordPress 4.9.1 when installing itself, one can change the
username and password of WordPress login page. So, never use admin as your username
since it will be the first trick of hackers to exploit through brute force attacks. Always use
some unique username.
2. Use lengthy Passwords
1/3
2. Still, use complicated passwords and try to use different passwords for every account.
Many suggest not to write your passwords on a piece of paper so in some notes, but my
suggestion is to create complicated passwords, write them in a book but keep it
confidential. If you forget, you can check the book but be very careful with passwords.
There are few tips for creating a password. I am mentioning few suggestions below.
Never use dictionary words as a password because they are easy to crack with
hackers automated software.
Always use a combination of lowercase letters, uppercase letters, numbers, special
characters like #%.
Never use the date of births like a password.
Never store your passwords in browsers.
Choosing A Strong Password
Try this way; it will do some wonders. Just think of a sentence like “A Boy Can Do Anything
For A Girl” now pick first letters in each word A B C D A F G. Now, Try to think of some
numbers that u can remember easily. Assume you can remember this name for a particular
purpose 84458669 else you can pick 4 to five date of births and choose the last digit in the
year columns. Now select one or two special characters like % # @ anything.. Logically
combined them with some meaning. Never use to lowercase letters in a sequence likewise
don’t use uppercase letters in tandem. A1b5#a6d6@5Ca9 will be the final password. Try to
check your password with password strength checkers which are available online. This
pattern helps to create complicated passwords.
3. Change The Login Url
Yes, use this WPS Hide Login WordPress plugin to customize your WordPress login URL.
Usually, after installing WordPress, you will get a URL in this pattern
www.example.com/wp-admin. With the help of the above plugin, you can change the URL
to www.example.com/word or phrase of your chose. This easy step takes your blog’s
security to next level.
4. Always Update Your Core Databases And WordPress Versions
Continuously update your databases and please be to date on your WordPress version.
The present version of WordPress is 4.9.1. Always check for updates. If you don’t know
how to update your WordPress version, just log in to your WordPress dashboard, at the top
left corner you can find an option called Update click on that there you can see check again.
It helps you to upgrade your WordPress version.
5. Update Your Themes And Plugins
Always use premium themes on your WordPress blogs. Never try to download pirated
WordPress themes. Downloading nulled themes can harm your blog and a far-reaching
kind of vulnerability. Using a pirated theme can pave a way for a hacker to hack your blog
quickly. You can use free themes even this is also a kind of moderate threat, but if you
don’t have that much money, u can download free themes but always download from
trusted sites.Still, use trusted plugins. You can find thousands of plugins but always be
2/3
3. cautious This will be the very first thing a hacker will look out for. Continuously scan your
plugins after downloading with commercial antivirus software. Deactivate the plugins when
not in use.
6. Keep Your Computer Virus Free
Last but not least, always keep your computer clean. Use a commercial anti-virus software
500 bucks for a year is not that much costly so purchase commercial anti-virus software.
7.Use Limit Login Attempts Plugin
Limit login attempts plugin is a small plugin yet very efficient when it comes to minimizing
brute force attacks. It will restrict the number of logins as set by you in the plugin settings. If
that number of login attempts exceed the amount established by you, then it will
automatically lock out that user and IP for some time. You can customize the period as per
your wish.
8. Use reCaptcha Plugin
Use reCaptcha plugin to minimize brute-force attacks. Mostly brute force attacks are
executed with the help of automated tools. After installing a plugin, it will create a blank to
fill with little calculations to enter which bots can’t do. So, automatically brute force attacks
will be minimized.
Closing Thoughts
These are few key WordPress security measures to take to make your WordPress blog
more secure. I am going to write few more advanced security tips in my next post. Please
share your thoughts on this post in the comments section below.
3/3