WordPress Security Tips You Most Likely Avoid
WordPress is very popular platform for blogging that we all know, but very
few of us know that it's open source software.
You may wonder, "What open source means?"
Open source software means that the source code of software is freely
available for edits, modification. And people are free to do some new
experiments with codes to learn cracking or hacking.
Don't get me wrong, WordPress is a secure piece of software if we take some
steps to make it secure.
Besides find a secured WordPress hosting for it, below we list out some more
steps that will make your WordPress securer:
Never Ever Use "Admin" As Username
The default WordPress user account that gets created automatically with
every installation of WordPress is the admin account. Unfortunately, the
whole world knows this, including hackers, and can easily hack your blog by
lunching dictionary attack to guess your password.
If hacker knows your username then the half battle is already won, and the
other half will not take too much time. So, make sure you create another
admin account with new username and password. Then delete the default one.
Install Login LockDown
Hacker will try to break your login details (username & password) by using
brute force or dictionary attack. Login lockdown plugin will prevent your
blog from these types of attacks. All you've to do is install the login
lockdown plugin and set it out according to your preference.
Login lockdown records the IP address and timestamp of every failed login
attempt. If more than a certain numbers of login attempts are detected
within a short time interval from the same IP then login request from that
IP will be blocked. This helps us to prevent brute force attack.
Install Secure WordPress plugin
There are many places inside your WordPress site from where hackers can get
the information like WordPress version, theme update, and other dangerous
information's which is required to hack your site.
Secure WordPress plugin helps you to hide all these information so that
hackers don't have necessary information's. All you've to do is install
secure WordPress plugin and set it our according to your preference.
Move Your WP-Config File
Did you know since WordPress 2.6 you can move your WP-Config file outside of
your root directory? Most people don't know about it and the ones know about
it don't do it. If you want to secure your WordPress site then move your
config file one level up. WordPress will automatically find the new place of
config file.
If you want to make your blog or WordPress site secure then follow all of
the above tips. And share your methods of preventing WordPress.
If you have any questions or comments please contact me.
Regards Gerald
Website: http://www.webcraft.ws
E-mail: gerald@webcraft.ws
Twitter: WebcraftGuru
Facebook: Webcraft Guru
I'm protected by SpamBrave
http://www.spambrave.com/
WordPress is very popular platform for blogging that we all know, but very
few of us know that it's open source software.
You may wonder, "What open source means?"
Open source software means that the source code of software is freely
available for edits, modification. And people are free to do some new
experiments with codes to learn cracking or hacking.
Don't get me wrong, WordPress is a secure piece of software if we take some
steps to make it secure.
Besides find a secured WordPress hosting for it, below we list out some more
steps that will make your WordPress securer:
Never Ever Use "Admin" As Username
The default WordPress user account that gets created automatically with
every installation of WordPress is the admin account. Unfortunately, the
whole world knows this, including hackers, and can easily hack your blog by
lunching dictionary attack to guess your password.
If hacker knows your username then the half battle is already won, and the
other half will not take too much time. So, make sure you create another
admin account with new username and password. Then delete the default one.
Install Login LockDown
Hacker will try to break your login details (username & password) by using
brute force or dictionary attack. Login lockdown plugin will prevent your
blog from these types of attacks. All you've to do is install the login
lockdown plugin and set it out according to your preference.
Login lockdown records the IP address and timestamp of every failed login
attempt. If more than a certain numbers of login attempts are detected
within a short time interval from the same IP then login request from that
IP will be blocked. This helps us to prevent brute force attack.
Install Secure WordPress plugin
There are many places inside your WordPress site from where hackers can get
the information like WordPress version, theme update, and other dangerous
information's which is required to hack your site.
Secure WordPress plugin helps you to hide all these information so that
hackers don't have necessary information's. All you've to do is install
secure WordPress plugin and set it our according to your preference.
Move Your WP-Config File
Did you know since WordPress 2.6 you can move your WP-Config file outside of
your root directory? Most people don't know about it and the ones know about
it don't do it. If you want to secure your WordPress site then move your
config file one level up. WordPress will automatically find the new place of
config file.
If you want to make your blog or WordPress site secure then follow all of
the above tips. And share your methods of preventing WordPress.
If you have any questions or comments please contact me.
Regards Gerald
Website: http://www.webcraft.ws
E-mail: gerald@webcraft.ws
Twitter: WebcraftGuru
Facebook: Webcraft Guru
I'm protected by SpamBrave
http://www.spambrave.com/
Comments