• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » 15 Tips to secure your WordPress site

By Abhishek Ghosh March 7, 2011 2:39 pm Updated on March 7, 2011

15 Tips to secure your WordPress site

Advertisement

Some time ago we had a problem with our WordPress site suffered a little hacking. So to stop these happening again, we applied some tips to help secure our WordPress site. Here are some tricks that might help you too.15 Tips to secure your WordPress site

 

Updating and changing password:

1) We know it is boring but we will never repeat it enough, but a strong password is the best line of defense. Do not choose a traditional password as “admin”, “password”, “123” etc. You should take a moderate to tough password with uppercase and lowercase letters with numbers and signs “+ -* /” .

Advertisement

---

2) Your password should be memorable. Previously, we already wrote how to increase the strength of your password.

3) Always keep your WordPress version to date. The latest version, at the time of this writing, is 3.1.

4) Update the plugins installed on your WordPress site.

 

 

Interesting plugin for your WordPress site:

5) Backup your site more frequently with the tools provided by your host or the plugin WordPress Database Backup .

6) Use the plugin WP scanner to check for vulnerabilities in your site and thus can be corrected. We have used this plugin and it shows what to change to make your site more secure even if sometimes the changes are sometimes enough to be difficult.

 

 

Protecting your code and your files in WordPress:

 

 

7) In your search.php file, do not use this code as a search on your entire server should not be allowed:

 

<? Php echo $ _SERVER [‘>];? PHP_SELF ‘

 

Replace it with this code:

 

<? Php bloginfo (‘home’);?>

 

8) You can limit access to the wp-admin files by allowing a single IP address. Interesting, but there is a downside: if your ISP assigns you a dynamic address. You will need to update your .Htaccess file in your wp-admin folder (and not root.)

 

AuthUserFile / dev / null
AuthGroupFile / dev / null
AuthName “Example Access Control”
AuthType Basic
<Limit GET>
order deny, allow
deny from all
allow from <Your @ IP>
allow from other <An @ IP>
</ LIMIT>

 

9) Protect your wp-config.php with this code, you must write at the beginning of your. Htaccess at the root.

 

<FilesMatch ^wp-config.php$> Deny from all </ FilesMatch>

 

This will protect a little file that stores your username and password database.

10) The plugin AskApache adds a user name and password that will allow you to access files in your wp-admin folder. It is written in the htaccess file, encrypts your password and creates the file htpasswd.

11) Use SSH / Shell Access instead of FTP. Through the use of SSH, everything is encrypted even file transfers.

12) Do not show what plugins you are using by downloading a blank file index.html in the plugins folder.

 

 

More tips on securing your WordPress site site:

 

13) The version of your WordPress is displayed in the source page. Simply delete this line in header.php:

 

<Meta content = “WordPress <? Php bloginfo (‘version’);?>” /> <! – Leave this for stats please ->

 

But it is not over, to completely erase the version of WordPress, you need to do another manipulation:

 

wpbeginner_remove_version function () {
return “;
}
add_filter (‘the_generator’, ‘wpbeginner_remove_version’);

 

This code also allows you to remove the version number in your RSS feed.

14) The plugin Login Lockdown logs IP addresses trying to connect to your admin panel. If more than a certain number of attempts are detected within a short period of time with the same IP range, then the connection function is disabled.

15) The problem is that Google indexes all ! We will stop Google from indexing all files that are in the files that start with “wp-“. You must then write this code in the robots.txt file that you put at the root of your site.

 

Disallow: / wp-*

Signature

This Article Has Been Shared 581 Times!

Facebook Twitter Pinterest
Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to 15 Tips to secure your WordPress site

  • How to automatically publish your blog posts on Twitter and Facebook?

    Publishing post links manually on Twitter or Facebook page really take too much time.There are ways to do it automatically from blogging platforms such as Wordpress or Blogger.

  • Speed up WordPress by Gzip Compression from .Htaccess and php flush

    Google said that the speed of page loading was a factor to consider in the SEO, then we should better optimize it.

  • Disallow crawler access to wp-admin folder to decrease server load

    Disallow crawler folder specific syntax can be used in robots.txt to stop Google crawler to crawl your Wordpress blog’s core areas to decrease the server load.

  • Earn money with blogging : 5 fresh tips

    Earn money from your blog with these fresh ideas. This article is written specifically for the dummies who has no guess how and where from to start making money from blog.

  • 100 Tips for Building and Maintaining a Successful Blog

    100 Tips for Building and Maintaining a Successful Blog is the 2500th article published on this website.Free Infographic is also included so that you print it.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (22.1K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • Safe Chargers for Samsung Galaxy S22 Ultra June 27, 2022
  • How Telecoms Can Use The Cloud To Power Their 5G Network June 24, 2022
  • A Beginner Guide to Cloud Computing for Development June 22, 2022
  • 5 Benefits of Using a Virtual Data Room Today June 19, 2022
  • Top System Administration Courses 2022 June 18, 2022

About This Article

Cite this article as: Abhishek Ghosh, "15 Tips to secure your WordPress site," in The Customize Windows, March 7, 2011, June 29, 2022, https://thecustomizewindows.com/2011/03/15-tips-to-secure-your-wordpress-site/.

Source:The Customize Windows, JiMA.in

This website uses cookies. If you do not want to allow us to use cookies and/or non-personalized Ads, kindly clear browser cookies after closing this webpage.

Read Privacy Policy.

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2022 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy