Securing WordPress website is a pressing concern for professionals and small businesses alike This presentation looks at some basic steps you can take to enhance security for your WordPress website.
2. Vulnerabilities and Attacks
• SQL Injections
• Cross Scripting
• Brute Force Attacks
Recent Attacks
• April 2013
• March 2012
• March 2011
http://rightmixtech.com 2
3. Server Level Security
• Modify the WP config file
• Edit the root .htaccess file to restrict access to
directories and files
• Add customized .htaccess files to /wp-
contents/uploads folder
• Protect the .htaccess file
http://rightmixtech.com 3
4. Website Level Security
• Install security plugins such as Wordfence
Security or Bulletproof Security – or any other
• Use the security plugins to
– Set up routine scans
– Set up alerts to report vulnerabilities
– Specify Maximum login attempts allowed
• Update WordPress installation
• Update plugins
http://rightmixtech.com 4
5. User Level Security
• Create a new user with administrator privileges
• Delete the default Admin account
• Create Strong password
– At least 8 characters
– No dictionary words
– At least one number
– At least one special character
• Assign appropriate roles and permissions to other
website users
• To read the complete post, see
http://rightmixtech.com 5
6. Thank You
For more information on WordPress, visit us at
http://rightmixtech.com/blog