Security is important with the ever present hackers and WordPress sites have become frequently targeted. Unfortunately WordPress sites don’t tend to be as effective at resisting hack attempts as custom CMS’s, perhaps it’s only flaw. That being said however there are safety precautions you can take yourself in order to prevent hackers from gaining access to your site. Here are the top 5 ways to secure a WordPress site:
- Change Your Username & Password!
You’ll be so surprised how many people generically pic the username “Admin, once a hacker knows your username that’s half the battle over. It’s important that your username and password are unique to yourself, hackers gain access by trying a flurry of random usernames until they hit a correct one and then they will try thousands of generic passwords again until they get the right one, so please for the love of god don’t have the username “Admin”, “Moderator” or anything along those lines.
- iThemes Security Plugin
Formerly Better WP Security this plugin is awesome; it gives you a multitude of ways to protect your site within the one plugin. It can help you generate strong password, limit password attempts, ensure users change their passwords regularly, offer two step authentications and even track the users who have logged in and out at certain times, it’s fantastic.
- Pick A Reputable Theme!
Hackers can also gain access to flaws in the theme you have downloaded, so make sure that when you are choosing a theme it looks to be regularly updated and has fantastic reviews. This is important as they could have coding issues in which hackers can exploit, so you need to be careful to choose a secure and updated theme.
- Disable File Editing
In the dashboard of WordPress by default you can navigate to your editor this gives them access to all of your code, typically these hackers are purely just bots that follow steps so anything you can do to put them off is a good thing. Make sure you disable access in your admin panel, although they can still gain access to your code this is adding an extra step or two to the journey of doing so.
- Hide Your Username From Author Archive
Going back to what I said about the username thing, you need to ensure that they don’t know the username you log in with. Therefore make sure you hide your username from the author archive so they can’t find it out. Changing the standard author archive URL can help prevent a hacker from finding your user.
And finally, just in case hackers do gain access, make sure you keep a backup! I know it sounds like I’m droning on and on but hackers will just delete everything, it doesn’t matter to them, so make sure you regularly back up your site or it could be a painstaking process of redeeming access and rankings.