WordPress is getting popular on every day.This is a good news for WordPress user and WordPress developers but also this is attracting more hacker to hack WordPress!
So how do you secure your WordPress website?
Here is some tips to make it more secure!
1.Remove Your WordPress Version Number From WordPress Theme
WordPress automatically displays the version you are using in the head of your WordPress Theme files.This may give hacker a opportunity to learn about your website.
To hide it open your theme function.php and paste the following code
2.Change The Default Admin Username
Brute force is one of the easiest ways to break a password where hacker try as many different passwords as possible until the right one is found. If they know your username it will make there task more easier.
3. Add blank index.html on your directory
By default some hosting allow directory browsing which is a security hole for your website.To prevent this add a blank index.html to your all directory.
So if the hacker manage to browse a directory he will see a blank screen 🙂
4.Limit login Attempts
Lets say your website is under Brute force attack so what you can do?
here is very simple solution for you Limit Login Attempts
This plugin will lock the hacker for certain amount of time of he enter wrong password more then a predefined amount of time!!!
Try this plugin now on your website.
5. Force SSL Usage
SSL is a cryptographic protocol that secures communications over networks such as the Internet.Buy SSL and use it to login in WordPress back end.
To do this open your wp-config.php and paste this code
6. Change your wp-admin folder permission to 644
7. Backup your file and database regulatory
Whatever security measure you take it will just slow down a good hacking team
So make sure you are taking regular backup of your website