I can see many new self hosted WordPress blogs emerging in to the world of blogosphere (don’t forget to include this blog). It is better to try to keep a bad thing from happening than it is to fix the bad thing once it has happened. So, preventing your blog before it gets hacked. Yes, you may be the king in writing content and also in promotion. but if your blog is not secure, you could lose everything overnight.
So, Here we have some useful and basic security tips for newbie WordPress blogs. I’m not covering all the technical aspects like using .htaccess and all those stuff. These are very simple security measures which has to be taken to protect your WordPress blog and explained in clear way for a common man who is using WordPress platform.
Keep WordPress Secure – Avoid Hack Attack
Use always Updated Version
WordPress is an Open source software so, hackers can easily find loop holes. It is better to upgrade when ever WordPress releases the latest version – You can find all the latest patches and bugs which are fixed. Subscribe to WordPress Development blog.
Change Default Username
The second thing which you should take care is, your default username “admin”. Most of the blogs will have the default username for signing in. Hackers can easily find out and they will try to break your website using brute force method. So, it is better to change the default username. You can change the default username very easily. Just add a new user, give the administrator privilege, Login to dashboard as a new user and delete the default admin username.
Disable Folder Browsing
You should not forget to disable folder browsing – I mean we can easily access /wp-content/plugins/ (or) /wp-content/uploads in the default installation. So, If a person is able to see what are the plugins you have installed, then it is easy for them to find out vulnerability and enter into your website. So, just add index.html (it should be blank file), drag and drop the index.html file into the folders. So when, someone try to access it hides the files with index.html page as in front. If you’re using new version, it has index.php by default.
Back up !
Here is the most useful tip for anyone, Backup ! back up and back up ! Back up your blog daily. Suppose, if you lose all your content ? OMG ! can’t even imagine right ? So, it is very much important to back up your blog daily. You can use wp-db-backup WordPress plugin and Schedule it for backup daily.
Stealth Login Plugin
You can use Stealth Login WordPress plugin, which helps you to create custom url for logging in, out, and registering and administration pages. Example – you can have a login page like this –> http://www.madrasgeek.com/login. It helps to prevent accessing your wp-login.php page from malicious bots etc.
Login LockDown Plugin
There is also another WordPress plugin called Login LockDown WordPress plugin. It records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.
WP Scanner Plugin
This plugin allows you to find out various vulnerabilities which are part of your website or blogs. It is a WordPress online scanner which identifies potential vulnerabilities on your blog. Just download this WP Scanner plugin > activate and scan your blog. Don’t forget to disable the plugin once the scanning is finished. Because, others can also run the same scan on your blog for vulnerabilities.
Remove WordPress Version
If hackers get to know about the wordpress version which you’re using, then they can easily find out loop holes on the version which you’re using and attack your website or blog. So, remove the WordPress version on the header of your site.
Just place this single line into your theme’s functions.php file.
Choosing Passwords for your WordPress blogs are very important. Here you can find 15 Useful Tips When Creating a Password For WordPress blogs
10. I learned all these security tips from other websites and blogs. So thought of sharing it with Newbie WordPress users. If you got any other useful Security tip, please share it with us.
| For a limited time I'm sharing some select Tips and Tricks and How-To Guides for FREE. |