Most of us using wordpress to power our sites, usually don’t really concern about the back-end security of the site. Secure Your WordPress Website is a must in today; world. Now WordPress releases it’s new updates to the WordPress Core almost once a month. These new updates contains the fixes to the security issues that the former wordpress core files had. Anyway that is not the topic that I am going to discuss today. It is up to WordPress team to Protect the security of the WordPress Core. But it is our duty to secure our site from malware, Viruses, hackers, etc. There are some easy steps that can be followed to easily secure your wordpress powered site. Let’s look at the ways of Secure Your WordPress Website in detail. Secure Your WordPress Website.
Don’t use “admin” as your Username
The most common username that people uses in these days is “admin” because it is the default in the WordPress installation. As default, in the WordPress installation, WordPress gives you the default username as “admin”. Please remember that, don’t use it anymore.But do you know that, It opens the doors to the hackers to hack your site. What they do is that, they guess the username as “admin” and try to jump on to your site. So please remember not to use “admin” as your username. But what to do, if you already used that. It can’t be changed in the WordPress General User settings. There is a simple method to do it.
All you need to do is that install “WP ALL IN ONE SECURITY AND FIREWALL” Plugin. It can be found here. Just install this plugin and navigate to WP Security> User Accounts. From there, you can change your settings. If you are using “admin” as your username, the plugin will show you the option to change it. If your username is not “admin” just don’t worry. The plugin will not show a settings to do that.
Use a Powerful Password
All of us use password in our day today life. But have you ever checked it’s strength? Probably not. The abouve mentioned “WP ALL IN ONE SECURITY AND FIREWALL” Plugin will give you an option to test your password for strength. To do that, you have to navigate to Wp Security> User Accounts> Password. (The password tab is on the top. You have to select that to go to the password strength checker.) It will show you how any seconds, minutes, hours, days, years etc. that will be taken by the hackers to crack your password. In my case it showed that, the hackers will take 116810094568 years, 8 months to crack my password. Amazing!!! Isn’t is??? :3
Change the Table Prefix
Most of us use the Predefined settings by the wordpress when in the time of the WordPress installation. Among them, The Table Prefix is also one thing. Its is a must to change this setting to something different from the default. If your Table Prefix is WP_ which is the default one, it would be much easier for the hackers to guess.But simple think that yours one is htyps_, it is pretty obvious that it is pretty hard to guess. So we need to set is to something hard to guess. The “WP ALL IN ONE SECURITY AND FIREWALL” Plugin. even gives you an option to change this. Let’s see that how can we do this. First Navigate to WP Security> Database Security. There you can find an option to change he Table Prefix. Check the box to Create a random table prefix or enter a custom one in the text box given and save the changes. now that you can see, your table prefix has been changed.
Disable File Editing.
Most of us don’t know that WordPress comes with an inbuilt file editor which can be used to edit php, html like files. But the best thing for our site’s security is that to disable the wordpress editor. If a hacker got a chance to get into your site, the easiest method for him to edit the files is that the wordpress inbuilt editor. SO it is good to disable it. There is also an option in that plugin to disable it. You need to navigate to WP Security> Filesystem Security> PHP File Editing. From there you need tot tick the box that says disable the option to edit php files in the dashboard.
There is another way that this can be done. it is that simply adding this line of code to wp-config.php.
Limit Login Attempts
A must do thing is that to limit the login attempts. The plugin also gives options to do that. I’ll tell it in briefly. Navigate to WP-security> User Login. There you will find many options to limit the login attempts. From there, You can change max login attempts, Login Retry Time Period, Time Length of Lockout, etc.
The easiest way to do that is install a security captcha Plugin. There are tops of plugins that will do this for you. But I recommend this plugin. It is Sweet Captcha. It is based on a simple image verification process. It can be found here. for free. All the tutorials on how to setup it, can be found within their website. SO it is easier for you to browse their website. Secure Your WordPress Website.
Using of Free or Paid Themes and Plugins.
Nowadays, there are tons and tons of plugins and themes which are free and premium. It is OK to use free themes and plugins. But when you need an premium theme or a plugin, make sure that buy them, without using their nulled versions. The problem behind the nulled versions is that the files may have been encrypted with the backdoors of the hackers of the theme. Think that, you have bought a theme or a plugin. You will receive all it’s updates and security releases directly from the publisher. SO bear in mind that. be careful when using nulled versions of the themes and plugins.
SO that concludes the today’s post of mine. I hope that yourguys will Secure Your WordPress Website afer reading this post. Bear in mind that there will be a part 2 of this topic because there are lots of things to be discussed when talking about WordPress Security. Thanks For reading my post. So if you have enjoyed my post, please share it and like it. We’ll meet in the next part of this post. Till then it is Good Bye for Your-guys!!!