WordPress is very popular platform for blogging that we all know, but very few of us know that it’s open source software.
You may wonder, “What open source means?”
Open source software means that the source code of software is freely available for edits, modification. And people are free to do some new experiments with codes to learn cracking or hacking.
Don’t get me wrong, WordPress is a secure piece of software if we take some steps to make it secure.
Besides find a secured WordPress hosting for it, below we list out some more steps that will make your WordPress securer:
Never Ever Use “Admin” As Username
The default WordPress user account that gets created automatically with every installation of WordPress is the admin account. Unfortunately, the whole world knows this, including hackers, and can easily hack your blog by lunching dictionary attack to guess your password.
If hacker knows your username then the half battle is already won, and the other half will not take too much time. So, make sure you create another admin account with new username and password. Then delete the default one.
Install Login LockDown
Hacker will try to break your login details (username & password) by using brute force or dictionary attack. Login lockdown plugin will prevent your blog from these types of attacks. All you’ve to do is install the login lockdown plugin and set it out according to your preference.
Login lockdown records the IP address and timestamp of every failed login attempt. If more than a certain numbers of login attempts are detected within a short time interval from the same IP then login request from that IP will be blocked. This helps us to prevent brute force attack.
Install Secure WordPress plugin
There are many places inside your WordPress site from where hackers can get the information like WordPress version, theme update, and other dangerous information’s which is required to hack your site.
Secure WordPress plugin helps you to hide all these information so that hackers don’t have necessary information’s. All you’ve to do is install secure WordPress plugin and set it our according to your preference.
Move Your WP-Config File
Did you know since WordPress 2.6 you can move your WP-Config file outside of your root directory? Most people don’t know about it and the ones know about it don’t do it. If you want to secure your WordPress site then move your config file one level up. WordPress will automatically find the new place of config file.
If you want to make your blog or WordPress site secure then follow all of the above tips. And share your methods of preventing WordPress.