11 Ways To Secure Your WordPress Blog

Posted by admin on November 20, 2009, filed in: Tutorial

Backup your WordPress blog is the most important thing you should do after you install it on your server. There should be no reason for you to leave your WordPress wide open for hackers to break in and steal your data and / or destroy your data. Here are 11 ways you use to secure your WordPress blog.

1) Encrypt your login information

Whenever you try to create your site, your password is sent in clear text. If the network settings are on a public, attackers can easily 'sniff your login credentials with a Sniffer Network. The best way is your login data with the encrypt C. Secure Login Plugin. This plugin adds a random hash for your password and authenticate your connection to the CHAP Protocol.

2) Stop brute-force attack

Hackers can easily break your password and identification with Brute-force attack . To avoid this, you can Login Lockdown Plugin. This plugin records the IP address and time stamp each connection failed WordPress. Once a certain number of attempts are detected, it can disable the connection for all applications that range.

3) Use a strong password

Make sure that you have a password that is easy to guess. With a combination of numbers, special characters and upper / lower case form your password. You can also password-Checker WordPress 2.5 and above, to check the strength of your password.

4) Protect your wp-admin folder

Your wp-admin folder contains all the important information and it is the last place you want to access other. Use Password Protect AskApache Password protect the directory and access only to authorized persons.

5) Remove info version of WordPress

Many topics are the WordPress version of WordPress information in the meta tag. Hackers can easily access information and plan attacks on the specific security issue for this version.

How to remove version of WordPress, you log in to your WordPress dashboard. The Design> Theme Editor. On the right-click the file header. On the left you will see a lot of code, look for a line like

meta name <= "generator" content = "WordPress <? php blog info ('version');?>" />

Remove it and press the update file.

Update: In WP2.6 and more, is automatically the WordPress version in the heading wp_head. To resolve this problem, simply you can install WP Security Scan Plugin .

6) Hide your plugins folder

If you go to your http://yourwebsite.com/wp-content/plugins is a list of plugins you use for your blog. You can easily hide this page by uploading an empty index.html in the plugin directory.

Open your text editor. Save the document as an empty index.html.

With an FTP program, download the file index.html from the wp-content/plugins / folder.

7) Change the name of your connection

The default username is admin. It can be difficult for hackers to crack your login make, such as changing the username.

In your WordPress dashboard, go users and create a new account. Give this new role as director of the user. Sign up and log in again with the new user account.

Jump to new users. This time, select the check box next to the admin and press Delete. If bar asks you to confirm the deletion, select the "Attribute all posts and links:" and select your new user name in the menu . This means that all messages are transferred to your new account. Press to confirm the deletion.

upgrade to the latest version of WordPress Plugins

The latest version of WordPress always contains bug fixes for vulnerabilities, it is important to maintain at all times. The latest version is WP 2.6 (from this post). You can here .

9) Take a regular analysis of safety

Install wp-security-scan Plugin and perform a regular analysis of your blog for all formal security vulnerabilities. This plugin can also help to change the database prefix of your wp_ a custom prefix.

10) a backup of your WordPress database

No matter how secure your site, you want to continue to prepare for the worst. Install wp database backup Plugin and you plan to backup your database daily.

11) Define user permissions

If more than one author for your blog, you can Role Manager Plugin to define the capabilities of each user. This gives you the blog owner, can control which user can not and do in the blog.