Your ads will be inserted here by
Easy Plugin for AdSense.
Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.
If you have ever had your site hacked in the past your know it’s not a fun experience and even though WordPress is quite secure out of the box there are a number of things that can be done to make it more secure to ensure you don’t get hacked in the future.
Below are the best tips to secure your WordPress installation from hackers.
1) Choose a hard to guess Admin username and password. Don’t use a username that’s easy to guess such as admin or administrator. Make sure to put special characters and numbers into your username to make it harder for a hacker to gain entry.
2) Choose a long password with plenty of character variation in it such as capitols and special symbols like $#)* so that it will make it extremely hard for a brute force hacking program to guess it. If you use the One Click install through Hostgator they will provide you with a solid password when you install WordPress.
2) Keep your WordPress and plugins up to date at all times. One of the ways that hackers gain entry is they find a security vulnerability in a plugin or exploit in the core files of WordPress and use these vulnerabilities to gain entry to your site or inject their own code into your site so don’t ignore the update messages as most likely they will address whatever the latest security vulnerability has been exposed.
3) Limit login attempts to your admin area. This is an excellent way to prevent your WordPress from ever being hacked by a Brute force program which will try to gain entry by attempting to guess your password just by entering the most common passwords until they can gain entry. Limit Login Attempts is a great plugin to stop just that. Once installed you can set it to limit the login attempts that someone can make and will stop any brute force attacks in their tracks.
4) Get your themes and plugins from reputable sources such as the WordPress directory or a reputable third party. If you go looking for plugins for free from website you don’t know you could be inadvertently leaving yourself open installing a plugin or theme that will leave you open to hacking. Downloading plugins from reputable sources is the only way you can be sure that you are not downloading a plugin or theme that will leave you vulnerable. Also downloading from a reputable source is the best chance that the theme or plugin developer will keep their theme or plugin updated and secure as time goes on.
Your ads will be inserted here by
Easy Plugin for AdSense.
Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.
5) Change your folder permissions to make your files more secure. If you are hosting with one of the larger reputable hosting companies such as Hostgator then you are covered already and they have done this for you.
If you want to double check the basic security settings for WordPress folders they should have 0755 permissions and WordPress files should have 0644 permissions.
6) Remove and themes and plugins you don’t use. Having old plugins and themes installed can create security vulnerabilities as these themes and plugins won’t be getting updated regularly and give can still give access to a hacker into our site. Deactivating plugins isn’t enough you should delete plugins and themes you don’t intend to use and activate.
7) Adding two step login authentication. A really good way to secure your WordPress Installation is to setup two factor authentication which means that your website will require a password plus a second code sent directly to your smartphone that is generated each time you login. There are several plugins that can do this and you can check out Google Authenticator which is a popular method.
8) Create regular backups of your site. There are many WordPress backup plugins that you can use and this is the one that we use WordPress Database Backup. This plugin will allow you to set the schedule that the backups are created and will email you a copy of the backup. That way if you ever are hacked you will be able to quickly and easily reset your website with your latest backup.
For additional reading and tips on how to secure and harden your WordPress installation you can check out the WordPress.org security page.
Previous -> How-to Install a WordPress Theme
Next -> Best Must Have WordPress Plugins