EveryoneDigital

Everything Between Tech and Web.

Doctor’s guide to protect your wordpress Installation from bad minds

Author:     1 Comment  

Did you know that WordPress is the most popular open source CMS in the world? Approximately 15% of websites in the world use them. But that’s just one side of the coin. With increasing popularity, it will be just opening doors for h@ckers and exploits. You need to take care to protect your WordPress Installation.

 

Installed your First Blog: Time to Prepare for the worst

 While installing WordPress you must enter a username for the administrator account. Choose something other than the traditional “admin”, the goal is to put a spoke in the wheels to those who want to hurt your site. Don’t let brute force attacks get your blog soon. Choose a complex password combination out of your creating or an online password generator. Do not save it anywhere in the digital format, write it down on your notepad

 

Update WordPress Regularly

 You should also keep your WordPress Blog upto date, do not forget to install the updates when they are available in your dashboard. Migrating to the latest version of WordPress, you can prevent hackers from exploiting the bugs from previous versions.

 

Hide your Folders

Your WordPress Folders might be accessible to the public. For example, by entering the following URL: yoursite.com / wp-content / plugins anyone can see the plugins you use and therefore exploit potential vulnerabilities…

 

Modify your .Htaccess file and enter the following line in it

Options All-Indexes

 

Prevent BruteForce

BruteForce is one of the most popular techniques to get hold of passwords by trying every possible combination of letters and numbers and sometimes special characters to match the password. Use Login LockDown plugin to limit the amount of failed login tries from a single I.P

 

It is better to relocate your wp-admin folder or re-name to make it impossible for hackers to visually track down your admin login URL

 

Backup

If there was only one thing to do to secure your WordPress site files, it would be to  perform regular backups. I have already got hacked once I lost tons of data because I’ve ignored to make regular backup of my site database and files

 

Most of the leading Hosting companies offer Free Scheduled Backups, Make sure you have it properly configured; It’s a matter of minutes

Comments

  1. Aditya says

    Yep, I’m following all these tips I guess, I’m not sure of the htaccess tip I guess. I also schedule backup of posts on my blog for every 15 days so everything flows pretty well on my blog.

    Thanks for this post.

    Aditya

    Reply

 Comment Policy

Your words are your own, so be nice and helpful if you can. Please, only use your REAL NAME, not your business name or keywords. Using business name or keywords instead of your real name will lead to the comment being deleted. Anonymous commenting is not allowed either. Limit the amount of links submitted in your comment. We accept clean XHTML in comments, but don't overdo it please. You can wrap code in [lang-name][/lang-name] tags.


Tell us what you're thinking...

If you want a picture to show with your comment, then get Gravatar!