Secure your Wordpress site

21:11:00
 WordPress is a free and open-source tool and a content management system (CMS) based on PHP and MySQL. Features include a plugin architecture and a template system. WordPress was used by more than 23.3% of the top 10 million websites as of January 2015.WordPress is the most popular blogging system in use on the Web at more than 60 million websites.
 WORDPRESS

1. Erase the username "Administrator" 
The default username when making a WordPress site is "administrator." Most individuals keep this username. This makes it dead simple for programmers to figure your username. At that point they are as of now half signed into your site. So erase any record with the username "administrator." Note: if the record with username "administrator" is the main client that presently has Administrator-level access, you won't have the capacity to erase it until you first make and login with an alternate Administrator-level record. WordPress needs to guarantee that there is somehow to get to Administrator capacities for your site.

2.Add Strength to your "Password"
Hackers use software to instantaneously test every word in Wikipedia against your password. So anything that is a real word or name in any language should not be used. Any logical or significant number sequence should not be used.That means don’t use your pet’s name, your kid’s birthday, or anything else that vaguely makes sense.The best passwords include a random arrangement of uppercase and lowercase letters, as well as numbers and symbols. In other words, they should be gibberish.You can use a password generator to help you do this – just make sure to save your passwords in a secure place.

 3.Erase and Update
WordPress has a bit of a bad rap for being “insecure.” In fact, a WordPress site only becomes insecure when you fail to keep it up to date. Any part of your site that is not updated to its latest version presents a security risk. Hackers find vulnerabilities in sites through outdated files, themes and plugins.
So go now and make sure that you are updated to:

    The latest version of WordPress
    The latest version of all installed plugins
    The latest version of all installed themes

 4.Reduce log-in attempts
At illuminea, we install a plugin like this on all our clients’ WordPress sites: the Limit Log-in Attempts plugin. It’s really a clever little thing-a-ma-jig.One of the common ways that hackers attempt to gain access to a site is by using software that bombards the login page with an infinite number of username and password combinations, until they strike gold. And if you are not following steps 1 and 2, they will strike gold pretty fast. This was how the Brute Force attacks were so successful in destroying many WordPress sites in 2013.

Leave a Comment

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.