7 Tips For Wordpress Blog Security


WordPress is the most popular blogging platform in the world. It is easy to install and fun to use. Many hosting providers offer one-click installation. Installing updates and plugins also takes no more than 3 clicks or 2 minutes.
Due to its global popularity, the platform frequently becomes the target of hackers and spammers.
Keeping your blog secure is an essential step to building your online presence, so never underestimate the following basic steps to making your wp-admin a safer place:

Mind the Security Basics

Wordpress has been issuing updates almost monthly recently. Each update has some enhanced security features that protect your blog from always-evolving army of hackers. Like I have said above, usually updating Wordpress as well as plugins takes seconds, so never forget to do that.

Keep Admin Folder Secure

There are a few easy ways to protect your admin folder:
  1. Set up IP limitations: only let people with certain IP addresses access your wp-admin section. This is not always possible though as many of us blog from different places and many Internet providers offer dynamic IPs
  2. Consider security Wordpress plugins: Some WP plugins will let you set up an intermediate page requiring additional password or lock the page after a few failed login attempts (here's one such plugin for example).

Keep Your Login Info Unique

The very first step to making sure your blog login info is secure is to delete the default admin user and create a unique username. Then make sure your "login name" and "Display name" are different. Make sure your password is hard to hack: it should contain min. 10 characters mixing letters, symbols, and numbers.

Keep FTP Uploader Secure

When you are any FTP uploader to upload new themes or plugins, always keep your desktop antivirus up-to-date and scan each file you are going to upload. Make sure your uploader password is also secure.

Lock Specific Folders and Files

Here's an easy-to-implement tutorial on blocking your wp-admin folder by Limiting Access in .htaccess

Remove Version Number

Many themes have the "version" details in the header which hackers always use to access the private areas. Here's another great tutorial on the right way to remove that visible version number from your theme.
Following the above steps takes just a few minutes but they will secure your Wordpress blogs from most hack attempts and protect your brand. Remember many hack attacks result in months of hard work to recover. It is much easier to keep yourself safe than coping with the consequences.
 

Do you have questions, comments, or suggestions? Feel free to post a comment! 




Subscribe to Saint Andrew's Paradise
Liked this post?

Subscribe to "Saint Andrew's Paradise" and get all new tricks, tools and regular updates to your inbox!

    




Share your views...

0 Respones to "7 Tips For Wordpress Blog Security"

Post a Comment

Subscribe to: Post Comments (Atom)
 

About Me

Saint Andrew is a computer science student. Saint Andrew is a founder of the blog Saint Andrew's Hacking Paradise.

His mission and the aim of this blog is to make the reader aware of the existing threats and describe them in comprehensible way.

"Saint Andrew's Hacking Paradise" is a place to Learn, Understand and Explore the facts of computer technology.

You are always welcome to contact us to suggest ideas, tips, or to ask questions.

© 2011 Saint Andrew's Hacking Paradise

This blog run on iThesis Theme & hosted by Blogger