Millions of websites or blogs are hacked every day so, we have to protect or Secure Word Press from hackers or crackers, to protect website they are some simple tricks and tips, by following below Steps we can secure WordPress 99% from hackers, there are numerous number of methods to secure your wordpress blog or website but we are providing important methods to secure your blog or website, by following these protection methods you can secure your wordpress website maximum.
- Do not use ‘admin’ as user name.(because it is easy to guess)
- Rename your login URL.
- Update all plugins up to date.
- Use Security plugins
- Use strong password
- Hide or delete your word press version Number.
- Use SSL to encrypt data.
- Use reCAPTCHA (to protect from dictionary attack).
Do Not Use ‘Admin’ as user Name:
During installation, many people will choose their user name as ‘Admin’. Change your admin as user name because it is easy to guess the user name as admin, so, hackers can easy to access your blog or website, and your entire site gets into the wrong hands, iThemes security plugin can stop such attempts by banning any IP address that attempts to log in with that username.
Many people use their login URL as ‘wp-admin’ or ‘wp-admin.php’, this login URL is easy to guess, and hackers can easily access your login panel and then they will access your website through brute force attack or dictionary attack etc. So, change your login URL to protect yourself from hackers.
Update your WordPress plugins and tools up to date, these updates are to fix bugs and sometimes have vital security patches, hackers assume that plugins are not updated, they will hack on that assumption. So, if you are using the WordPress platform then update all plugins, themes and everything regularly.
By using WordPress security plugins such as iThemes Security it will protect your WordPress blog or website from brute force attack and some other protections are given below:
- This ithemes Security prevents brute force attacks by banning hosts or IP addresses with more invalid login attempts
- Scans your site to report the problems and fixes the problems in few seconds
- Block user with more number of login attempts
- Increases server security
- Helps to set an strong passwords for all your accounts
- Forces SSL for admin pages
- Forces SSL for any page or posts
- Turns off document altering from inside WordPress administrator region
- Detects and obstructs various assaults to your file system and database
Use Strong Password:
Many of people use their password as ‘12345678’ and ‘password’ or p@word and etc, this type of passwords is easy to guess and they will guess or crack the passwords by dictionary attack, to safe from this password guessing attack you have to choose strong passwords, to create strong password use ‘secure password creator’ tool.
Hide or Delete your WordPress Version Number:
You must have to hide your version number with security plugin because hackers can easily identify your present WordPress version number, by identifying your version number it is easy to attack perfectly to access your website.
By using SSL (Secure Socket Layer) you can secure admin panel, you can purchase SSL from dedicated companies easily, this SSL can increase your website ranking level and the google prefers website having with SSL high than without SSL and It ensures secure transfer between user browser and the server.
By using this reCAPTCHA you can secure your wordpress blog or website from dictionary attack, it opposes the dictionary attack for your website, we can find the reCAPTCHA at settings>admin protections by enabling the reCAPTCHA we can stay aware of dictionary attack.