Make Your Wordpress Blog More Secure From Hackers With Tips/Tricks

WordPress is a very popular platform for publishing content on the Internet and this makes sites hosted on this a regular target of brute force login attempts . Insecure WordPress installations is also commonly used to attack other sites through attacks DDOS. These automated attacks on all hosting platforms and try to find writers using default usernames, passwords weak and outdated facilities WordPress.

Most content publishers who are unaware of the threat from hackers and may not even know that a successful attack took place before it is too late and lose visitors and search engines . Do not let this happen to you . These are simple safety measures that any blogger can implement today to make their sites more secure and help prevent hacking attacks .

1. Create a new user account

It is more difficult for a hacker to break into your wordpress site, when both the username and password will be cracked. That is why you need to create a new user and delete the WordPress default "admin" user. This is one of those things I do as soon as I can setup a new site. You can create a user by going to " users " then " Add New " menu in WordPress. When creating a new user , make sure to give him the role of "manager" .

This will ensure that you have full power over the site. Now , simply disconnect from the default account "admin" and log in with the new user information . In " Users " delete the default administrator name . Make sure to select the option to transfer your old posts to a new user name when deleting the account "admin". Do this first before proceeding to the next step.

2 . Use a strong password

Do not use simple passwords for your WordPress . Weak passwords could be easy for you to remember , but it is also easier for a hacker to crack . Use more powerful and more secure passwords instead. Your password must be at least eight characters , should include numbers , should contain special characters and upper and lowercase letters . Change your password before going to the next step.

3 . Define a new alias

You do not want the new user name to be the name of the author who appears in all positions . Set the alias uses WordPress as author name to something other than your username . You can do this in the "Users" in the " Your Profile " in the Nickname field . Select a new alias and set " Display name publicly as " the new nickname.

4. Disabling connections from specific IP addresses

Sign Lockdown plugin records the IP address and timestamps of each failed connection attempt to access your WordPress . If more than a certain number of login attempts are detected within a short period from the same area IP, then the connection function is disabled for all requests from that range IP. An alternative to this is Limit Login Attempts plugins and do the same .

5. Blacklist all IP addresses other than your own

A better solution for some is to blacklist all connect to the administrator, except yourself . You can do this by going to wp-admin folder of your WordPress installation and to open the file htaccess. . Add this code anywhere in the file and make sure to add your IP numbers there ( such as " what is my IP " in Google to find your IP address ) :
[ Source ]

to refuse to allow
deny from all
# Whitelist home IP address
permit from YOURIPNUMBER
# IP address whitelist work
permit from YOURIPNUMBER
# Whitelist vacation IP address
permit from YOURIPNUMBER

[/ Sourcecode]

You can put different IP addresses if you move there quite a lot, but if someone is not enough for you , that is fine as well. Now , when someone tries to access the login page of your site will get this message :

Forbidden . You are not authorized to access / wp-admin on this server .

The only downside of doing something like this is that if your IP address changes should go to your FTP and update the document with your new IP . This can be a boring thing to do especially if your IP address changes frequently . Another negative is if you travel a lot using the Internet from different locations . Basically every time you need to connect to FTP, find your IP address and put it in htaccess.

6. Block bots

This is actually simple to do and it means that if and when a bot stumbles your site will be blocked and will not be able to do any damage . To prevent bots just need to locate your htaccess file . In your server to your main list (not in / wp-admin / folder , as in the step above ) and paste this list at the top of your file .

7. Do not leave matches user ratings

If you do not have a membership , then there is no reason to allow visitors to register for a guest account on your website. To make sure you got disabled registration , click " Settings " and make sure " Anyone can register " option is not selected.

8. Do not allow pings

WordPress sites have pingback enabled option can be used in DDOS attacks against other sites. This option is enabled by default, so it is important to turn it off . In the " Settings " go to " debate " and " Default Rule Settings" tick " Allow link notifications from other blogs (pingbacks and trackbacks ) ."

9. Activate the plugin Box

There are many plugins security can help protect your site and to prevent any attempts at hacking. Two of the best options is Wordfence Security and improving WP security . Both do quite a few things to make your site more secure , including forcing you to use stronger passwords , making you delete the administrator user name and also do not hinder traffic bot and help you make regular security scans .

10. Keep an eye on Tools for Webmasters

The Google Webmaster Tools is a valuable resource , even for the safety of your site . The section " Security Issues " profile notify you if Google has detected malware or any other security issues with your site . Keep an eye on it and act quickly .

11. always upgrade

Always upgrade to the latest version of WordPress, the latest version of your subject and the latest version of plugins you can use . One of the reasons developers upgrade the software and plugins are the security vulnerability found in earlier versions . WordPress with all these upgrades are simple , automated processes with one click through the environment WordPress.

When there is a new upgrade available , WordPress, we will send you a notification at the top of your dashboard . It will say "WordPress X is available! Please update now" . Click this and upgrading is a simple one click away . There are no excuses for not upgrading.

If you are afraid to upgrade because of some old WordPress theme that you are using is not compatible with the new WordPress, then please move on to something more modern and something that you know is a developer and a community behind it.

12. Backup automatically

Taking regular backups of content and databases is important. In case something happens to your site, you can always use the backup to recover your files . There are many plugins that make it simple to backup your files automatically. One of them is BackWPup. Activate the plugin and set it to automatically back up your site and send the backup file to your email. Two minutes work to install , activate, and set it so that it sends you a new email with a new backup automatically every day, every week or whenever you decide.

No more problems hackingThese simple steps can be performed fairly quickly and will make your site much more difficult to break . This means that you would never have a hacking problem , they will feel safer and will be able to focus your time on creating compelling content and building an audience . Happy blogging!