How to Secure Your WordPress Site

1. Keep WordPress core updated

The best way to keep your WordPress secured is to keep your WordPress updated.

2. Don’t Use “admin” as your username.

If your wordpress login is “admin”, this got to be changed. “admin” is the default username. But not using this default, you make it way harder for them to do a brute force attack. Now they have to guess the username AND the password.

3. Disable code file editing via dashboard

Placing this line ….

define('DISALLOW_FILE_EDIT', true);

in wp-config.php is equivalent to removing the ‘edit_themes’, ‘edit_plugins’ and ‘edit_files’ capabilities of all users.

4. Don’t use the “wp_” prefix for your database tables.

If your database table are prefixed with “wp_”, this can be changed by a skilled developer.

5. Keep Themes and Plugins updated

And remove those that you no longer use. The reason is that some themes/plugins may be using scripts that may have security holes. (For example, TimThumb script was one).

More on Hardening WordPress by WordPress.

How to Secure Your WordPress Site

1. Keep WordPress core updated

2. Don’t Use “admin” as your username.

3. Disable code file editing via dashboard

4. Don’t use the “wp_” prefix for your database tables.

5. Keep Themes and Plugins updated

Related Posts

Tags

Share This

Learn Web Tutorials .com

Recent Posts