Wednesday, June 24, 2015

5 Essentials For WordPress Site Security!

Tips To Secure Your WordPress Blog or Website!


WordPress securityCreating a blog or a website on WordPress is hard and many people face difficulty setting up a WordPress site or blog! People invest time in WordPress site so that they can establish a website! But many times there are haters on the internet and they don't like what they see! They wanna practice their hacking techniques on your WordPress site! Even my website got attacked couple of times and they were successful destroying my WordPress website! But There are many ways you can protect your WordPress site and these are kind of essentials that can be used to protect your WordPress site. These steps can help you save money and save your WordPress site.


Follow these things and hopefully you can save your WordPress site from hackers. These are 5 steps to protect your WordPress site and improve your WordPress site's security!

01. Changing the login Path!


If you ask a kid who knows WordPress how to enter WordPress Admin's dashboard? He will tell you that its simple. You just enter wp-admin at the end of the address of the site and you will see the login dashboard for admins and users! Everyone knows how to enter and login WordPress site. The sad part is that even the hackers know that how to enter your WordPress Login dashboard by wp-admin! Everyone can enter and when a hacker enters he can easily bruteforce your site! Sure you might have a strong password but think about your resources on the web host! Think about how much resources these kind of attacks will eat on your WordPress site! And if you are on shared host then your subscription might gets cancelled because of resources usage!

The best way to protect your WordPress site is to change your login path for admin and change the Wp-admin to something that only you know! So change  your Wp-Admin to something that you only know and no one can see the login screen except you! There are many security plugins that allow to change the default Wp-admin to something you desire without any kind of hard coding!

02. Get a Firewall!


When you get a computer the first thing you see is if your computer has a Antivirus and Firewall installed! But why not check your site if it got a firewall or not? If its protected against injection from hackers. Install a free WordPress firewall to protect your site and protect the consumption of the resources because of the attacks hackers plan! Firewall simply tell the hackers to get lost and restricts injections from hackers!

If you WordPress site is missing a Firewall then consider your site open to hackers as there is no shield against anything that they send towards your way!

03. Restricting Login Tries!


With a brute force attack a hacker can gain access to your site or eat your site's or host's resources. How they do it? Well they put a software of bot who tries different passwords again and again until it gains access or your site's resources get overloaded! The best way to stop these kind of attacks is to restrict login tries! You know when you try to login on different sites and it tells you that your ip is blocked because of multiple failed attempts! Yes you can do this! There are many plugins available in WordPress which restricts login failed attempts! This will save your site and also save your bandwidth!

04. Changing .hta File access & Permission!


WordPress site's details and all the information is stored in a file called .htaacess. All your site's details and usage policy is described in this file and you can see this file in public_html of your web host or FTP file manager. But this file can also be seen by the people who simply type the file name at the end of the address of your website! If this file gets damaged or tempered by hackers then you cannot recover and you might have to get a professional to fix the site! There are many tools on WordPress which prevents ordinary users to get into the file or even see the file! Get a good plugin which prevents access to the .htaacess file! Also change file permission via FTP on this file to save your WordPress site.

05. Blacklisting Bad IP's!


There are many lists on the internet that have blacklisted IP's that had been used by hackers in the past and if you blacklist all these IP's then you might have a chance to prevent your site from getting destroyed hackers. Also there are plugins that blacklist bad IP's that are blocked by the security sites! and antivirus sites!

Blacklisting the bad IP's will result in the user not gaining access to your site at all!

No comments:

Post a Comment