10 Simple Security Tips For Newbie WordPress Blogs


I can see many new self hosted WordPress blogs emerging in to the world of blogosphere (don’t forget to include this blog). It is better to try to keep a bad thing from happening than it is to fix the bad thing once it has happened. So, preventing your blog before it gets hacked. Yes, you may be the king in writing content and also in promotion. but if your blog is not secure, you could lose everything overnight.

wordpress blogs

So, Here we have some useful and basic security tips for newbie WordPress blogs. I’m not covering all the technical aspects like using .htaccess and all those stuff. These are very simple security measures which has to be taken to protect your WordPress blog and explained in clear way for a common man who is using WordPress platform.

Keep WordPress Secure – Avoid Hack Attack

Use always Updated Version

WordPress is an Open source software so, hackers can easily find loop holes. It is better to upgrade when ever WordPress releases the latest version – You can find all the latest patches and bugs which are fixed. Subscribe to WordPress Development blog.

Change Default Username

The second thing which you should take care is, your default username “admin”. Most of the blogs will have the default username for signing in. Hackers can easily find out and they will try to break your website using brute force method. So, it is better to change the default username. You can change the default username very easily. Just add a new user, give the administrator privilege, Login to dashboard as a new user and delete the default admin username.

Disable Folder Browsing

You should not forget to disable folder browsing – I mean we can easily access /wp-content/plugins/ (or) /wp-content/uploads in the default installation. So, If a person is able to see what are the plugins you have installed, then it is easy for them to find out vulnerability and enter into your website. So, just add index.html (it should be blank file), drag and drop the index.html file into the folders. So when, someone try to access it hides the files with index.html page as in front. If you’re using new version, it has index.php by default.

Back up !

Here is the most useful tip for anyone, Backup ! back up and back up ! Back up your blog daily. Suppose, if you lose all your content ? OMG ! can’t even imagine right ? So, it is very much important to back up your blog daily. You can use wp-db-backup WordPress plugin and Schedule it for backup daily.

Stealth Login Plugin

You can use Stealth Login WordPress plugin, which helps you to create custom url for logging in, out, and registering and administration pages. Example – you can have a login page like this –> http://www.madrasgeek.com/login. It helps to prevent accessing your wp-login.php page from malicious bots etc.

Login LockDown Plugin

There is also another WordPress plugin called Login LockDown WordPress plugin. It records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

WP Scanner Plugin

This plugin allows you to find out various vulnerabilities which are part of your website or blogs. It is a WordPress online scanner which identifies potential vulnerabilities on your blog. Just download this WP Scanner plugin > activate and scan your blog. Don’t forget to disable the plugin once the scanning is finished. Because, others can also run the same scan on your blog for vulnerabilities.

Remove WordPress Version

If hackers get to know about the wordpress version which you’re using, then they can easily find out loop holes on the version which you’re using and attack your website or blog. So, remove the WordPress version on the header of your site.

remove_action(‘wp_head’, ‘wp_generator’);

Just place this single line into your theme’s functions.php file.

Choosing Passwords

Choosing Passwords for your WordPress blogs are very important. Here you can find 15 Useful Tips When Creating a Password For WordPress blogs

10. I learned all these security tips from other websites and blogs. So thought of sharing it with Newbie WordPress users. If you got any other useful Security tip, please share it with us.

For a limited time I'm sharing some select Tips and Tricks and How-To Guides for FREE.


  1. Jaspal says:

    nice tips dude .. keep it up
    .-= Jaspal´s last blog ..How To Add Digg, Stumble, Twitter Share Buttons On Your WordPress Blog =-.

  2. MostlyBlog says:

    really good tips bro,keep it up
    .-= MostlyBlog´s last blog ..Watch Dancing With the Stars Season 10 Online for Free! =-.

  3. Ankit says:

    Do you know any other alternative of Login Lock Down? Actaully it didn’t work properly in my previous blog.

  4. Killer tips.. you didnt left out any points to say

    Bookmarked it :-)
    .-= Tricks tips´s last blog ..TeraCopy – Copy all Files at Lightning Speed =-.

  5. S.Pradeep Kumar says:

    Another contribution from HBB :

    Disable registering feature unless you have a revenue sharing blog or a blog with Guest Blogging feature.

    To Disable it go to General Settings page | turn off Anyone can register option.

    That was a nice read Sri! :)
    .-= S.Pradeep Kumar´s last blog ..20 Sites To Sell Your Blogs Or Websites =-.

  6. Kurt says:

    Great points. But there is another thing which is not so obvious but I saw many new bloggers getting their site hacked due to it. It’s using wordpress themes obtained from warez sites.

    Most of the time these themes have trap codes or backdoors left by the sharer so that he can later attack or infiltrate the blog using the illegal template.

    So the lesson: Always use original and it’s also a way to encourage the theme designer.
    .-= Kurt´s last blog ..4 Steps To Intelligently Choose A Blogging Niche =-.

  7. This is a great post! it is always good to secure your site so that all your hardwork will not be wasted.
    Thanks for the great post.
    .-= Onibalusi Bamidele´s last blog ..Blogging your passion =-.

  8. Siddhu says:

    This is ultimate ! Awesome post… Really helpful for me….
    .-= Siddhu´s last blog ..Tips to choose your antivirus =-.

  9. techtrickz says:

    I am new to WordPress and this kind of information are really helpful. Thanks for informing the log-in plug-ins.
    .-= techtrickz´s last blog ..Turn your Word 2010 into blogging tool for publishing to WordPress or Blogger blog =-.

  10. Simran says:

    Never share your password with anyone.. Nice tips for beginners
    .-= Simran´s last blog ..44 Most Beautiful HQ Apple, MacOS, iPhone Wallpapers =-.

  11. Good article. thank you

  12. Hi Srivatsan,

    Very nice article, thank you for sharing good points …

  13. robes says:

    cool article.

  14. Purse Party says:

    I do not think I have seen this described that way before. You really have cleared this up for me. Thank you!

  15. Robin says:

    Worth bookmarking. :) need more more more.. :)
    .-= Robin´s last blog ..Google BUZZ Share Count Button Announced by Google =-.

  16. Mani Viswanathan says:

    Knew all of them except the Stealth Login URL one..nice tips..Also use themes which are from a reliable source..do read their About info’s, comments therein, Stick to the basic plugins, don’t go for alternatives like,
    For Example:- Platinum SEO plugin is almost a replica of AIO SEO Plugin (Though its completely safe, hv tested it out…Its juzz an eg)

  17. hallie says:

    I love this website, the information is great and I have bookmarked it in my favorites. This is a well organized and informative website. Great Job!

  18. Gurpreet Singh says:

    I am newbie to wordpress and want to learn more about it so please any one can explain the things in backup means does it backup whole things like wordpress softwares, theme installed, plugins and posts. Please clarify it.

  19. I just treasured your marvelous blog.Lots of cheers once more. Much obliged.

  20. Thanks for the post, bookmarked it for future reference.


  1. uberVU - social comments says:

    Social comments and analytics for this post…

    This post was mentioned on Twitter by dangerdiabolick: 10 Simple Security Tips For Newbie WordPress Blogs http://goo.gl/fb/e4XP #fb…

  2. 10 Simple Security Tips For Newbie Wordpress Blogs | digital living 365 says:

    […] 10 Simple Security Tips For Newbie WordPress Blogs Tags: cricket, facebook, featured, freeware, plugin, science, Technology, tutorials, website, […]

  3. 10 Simple Security Tips For Newbie Wordpress Blogs · Staringfrog.com says:

    […] more here: 10 Simple Security Tips For Newbie WordPress Blogs Share and […]

  4. 10 Simple Security Tips For Newbie Wordpress Blogs | WordPressPlanet.com says:

    […] More: 10 Simple Security Tips For Newbie WordPress Blogs […]

  5. Wordpress Belarus » Blog Archive » 10 Simple Security Tips For Newbie Wordpress Blogs says:

    […] See more here: 10 Simple Security Tips For Newbie WordPress Blogs […]

  6. […] This post was mentioned on Twitter by Joomla WordPress, Manoj Pandian, AltafSayani.com, Web Developer Juice, Jaspal Singh and others. Jaspal Singh said: 10 Simple #Security Tips For Newbie #WordPress Blogs – http://tinyurl.com/yfprpr3 (via @dangerdiabolick) […]

  7. wp-popular.com » Blog Archive » 10 Simple Security Tips For Newbie Wordpress Blogs says:

    […] Read this article: 10 Simple Security Tips For Newbie WordPress Blogs […]

  8. Designers' HQ » 10 Important Rules To Follow When You Work From Home says:

    […] big freelancers. So listing out some points will help you to achieve when you become a full time blogger or start your office at […]

Speak Your Mind