7 Useful WordPress Security Tips

WordPress is getting popular on every day.This is a good news for WordPress user and WordPress developers but also this is attracting more hacker to hack WordPress!

So how do you secure your WordPress website?

Here is some tips to make it more secure!

1.Remove Your WordPress Version Number From WordPress Theme

WordPress automatically displays the version you are using in the head of your WordPress Theme files.This may give hacker a opportunity to learn about your website.
To hide it open your theme function.php and paste the following code

remove_action('wp_head', 'wp_generator');

2.Change The Default Admin Username

Brute force is one of the easiest ways to break a password where hacker try as many different passwords as possible until the right one is found. If they know your username it will make there task more easier.

3. Add blank index.html on your directory

By default some hosting allow directory browsing which is a security hole for your website.To prevent this add a blank index.html to your all directory.
So if the hacker manage to browse a directory he will see a blank screen 🙂

4.Limit login Attempts

Lets say your website is under Brute force attack so what you can do?
here is very simple solution for you Limit Login Attempts
This plugin will lock the hacker for certain amount of time of he enter wrong password more then a predefined amount of time!!!
Try this plugin now on your website.

5. Force SSL Usage

SSL is a cryptographic protocol that secures communications over networks such as the Internet.Buy SSL and use it to login in WordPress back end.
To do this open your wp-config.php and paste this code

define('FORCE_SSL_ADMIN', true);

6. Change your wp-admin folder permission to 644

7. Backup your file and database regulatory

Whatever security measure you take it will just slow down a good hacking team
So make sure you are taking regular backup of your website

1 reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply