Security is like a part of our life which includes blogging also. In real life, we use keys to secure our house, car and many others from unwanted visitors or unwanted person. Same as your websites, in this case your blog. We also need to protect your blog from unwanted/bad visitors or hackers.
In this article I am sharing some tips on how to secure a wordpress blog/site.
1. Change default Admin User and Password Credentials
First of all one should change admin username from admin to some other name. As when wordpress is installed “admin” is by default the username and everyone knows this. So its better to change to some other name.
Also one should keep changing the admin Username and Password frequently.
2. Use SSL Encryption For your Blog/Sites
With SSL encryption you can encrypt your data that being send. This will prevent someone that want to intercept your data like account credential by accessing the router. Your data will very hard to read and hard to decrypt. To have an SSL encryption you have to pay it. There are lot of SSL encryption service out there, and they can assist you how to install it. And for your WordPress blog, you can force your wordpress to always use SSL, add this line to your wp-config.php:
define(‘FORCE_SSL_ADMIN’, true);
3. Limit IP access to Wp-Admin
If you always use same system or PC, with a fixed IP, then you can restrict access to the wp-admin directory with a simple .htaccess hack:
order deny, allow
allow from 127.0.0.1. #change to your static ip
deny from all
4. Limit No of Wrong Login Attempts
You can limit the number of wrong login attempts to your WordPress blogs. To limit the number of attempts you can use this plugin Login LockDown
5. Protect WP-Config.php
This is the file that contains most crucial information of your blog i.e Database Username, Password. You can protect this file by simply adding following code in your .htaccess file :
# protect wpconfig.php
order allow,deny from all
6. Protect your blog from bad queries from url request
Sometimes bad URL requests are used to access blog/site’s data, and this can be really bad. You can protect this by using Secure WordPress plugin.
7. Few Extra Precautions
- Keep latest WordPress version
- Keep all the plugins Updated
- Never Download plugins/theme etc from unknown sources
- Backup your blog from time to time.
Bonus Tip: To avoid direct access to any directory of your blog, just add a blank index.html file in that folder.
Do share your views with us
