10 Essential Security Tips For Your WordPress Blog
This post is a part of our $500 Guest Blogging contest. If you'd like to participate, check the guidelines here.
The security of a WordPress blog is essential. The number of hackers is increasing day by day and any site can be attacked, but by using these tips you can limit the risk of being attacked. Even when everything works properly, we should not feel safe; it is a good time to test our defenses and try to prevent problems.
Always Keep your WordPress Updated:
Updating WordPress is essential. More than 75 percent of WordPress blogs are attacked because they were not updated in time. So always update to the latest available version of WordPress, otherwise the chance of getting hacked will be very high. Hackers find the security defects in older versions, and through those unpatched defects they will hack your account. So it is best to update WordPress regularly.
Test your blog's vulnerability:
The WP Security plug-in, as well as allowing you to change the code, identifies vulnerabilities in the system; in particular, it displays the access permissions on folders and any warnings. So I recommend using this plug-in for better safety.
Always Backup your blog:
Before making any changes, back up your WordPress blog fully. It is absolutely necessary to secure the most important parts, which are the MySQL database and the FTP account.
There are several plugins that make these backups, and with them you can schedule the time and date of each backup. The WP DB backup plugin is one example.
Password Must Be Strong:
An administrator account with elevated privileges (in WordPress, as on any desktop PC) must have a password of at least 8 characters, including numbers and special symbols.
It is recommended not to use plain-text passwords or words easily found in any dictionary. I also do not recommend using birth dates or information readily available on the web, keeping in mind that with the advent of the Internet what little privacy remains is slowly diminishing.
Deny Access to your Installation files:
By default, anyone can access files such as those under wp-content through a simple browser. Block this by changing the access permissions on your installation files to the appropriate setting.
Delete the account “admin” created by default!:
By default, WordPress creates an account called Admin during the installation. If it is not deleted, anyone who attacks your blog only has to find the password to gain access.
To solve this "problem", create a new account with administrator privileges, log out of the old account, log in to the new one and delete the default "admin" account.
Change database prefix:
When you install WordPress, the prefix assigned to the MySQL database is wp_. If you do not pay proper attention to this parameter, it may be too late. To change it, use the WP Security Scan plug-in.
Hide the WordPress Version Details:
If you view the source code of your site, you will most likely notice a meta tag indicating the version of WordPress currently in use.
<meta name="generator" content="WordPress 3.1.1" />
Anyone who attacks your site thus knows the version in use and can look up the bugs that can be exploited to interfere with the system.
Block brute force attacks:
By default, it is possible to try a huge number of username and password pairs in an attempt to log in to your administrator profile. Installing the Login Lockdown plug-in limits the number of login attempts allowed within a certain period of time.
Prevent access to wp-config.php via htaccess:
Open the .htaccess file in the root of your FTP server and add the following lines of code. In case of problems on the server, this does not allow anyone to retrieve the username and password. The first and last lines must be enclosed in angle brackets (< >).
<FilesMatch "^wp-config\.php$">
deny from all
</FilesMatch>
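As an added example (not code from the original post), the Python script below checks three of the tips above offline: the generator meta tag, the wp-config.php rule in .htaccess, and the default wp_ prefix. The sample inputs are constructed and the function names are hypothetical; it assumes the prefix is set through $table_prefix in wp-config.php and treats Apache 2.4's "Require all denied" as equivalent to "deny from all".

```python
import re

# Constructed sample inputs, not taken from a real site.
SAMPLE_HTML = '<head><meta name="generator" content="WordPress 3.1.1" /></head>'
SAMPLE_HTACCESS = "# BEGIN WordPress\nRewriteEngine On\n# END WordPress\n"
SAMPLE_WP_CONFIG = "<?php\n$table_prefix  = 'wp_';\n"

def exposed_version(html):
    """Return the version leaked by the generator meta tag, or None."""
    for tag in re.findall(r"<meta\b[^>]*>", html, re.I):
        if re.search(r"name\s*=\s*[\"']generator[\"']", tag, re.I):
            m = re.search(r"content\s*=\s*[\"']WordPress\s*([\d.]*)", tag, re.I)
            if m:
                return m.group(1) or "unknown"
    return None

def wp_config_denied(htaccess):
    """True if a <Files>/<FilesMatch> block for wp-config.php denies everyone."""
    blocks = re.findall(r"<(Files(?:Match)?)\s+([^>]*)>(.*?)</\1>", htaccess, re.I | re.S)
    for _, target, body in blocks:
        if "wp-config" not in target.lower():
            continue
        for line in body.splitlines():
            rule = " ".join(line.split()).lower()  # normalise whitespace
            # Commented-out rules start with '#' and therefore never match here.
            if rule in ("deny from all", "require all denied"):
                return True
    return False

def table_prefix(wp_config):
    """Return the value assigned to $table_prefix, or None if not found."""
    m = re.search(r"^\s*\$table_prefix\s*=\s*['\"]([^'\"]*)['\"]", wp_config, re.M)
    return m.group(1) if m else None

def audit(html, htaccess, wp_config):
    """Collect findings for the three tips; an empty list means all pass."""
    findings = []
    version = exposed_version(html)
    if version:
        findings.append(f"generator meta tag exposes WordPress {version}")
    if not wp_config_denied(htaccess):
        findings.append(".htaccess does not deny access to wp-config.php")
    if table_prefix(wp_config) == "wp_":
        findings.append("database prefix is still the default wp_")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_HTML, SAMPLE_HTACCESS, SAMPLE_WP_CONFIG):
        print("FINDING:", finding)
```

Feed it your own page source, .htaccess and wp-config.php contents in place of the constructed samples to see which of the three tips are still open.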
If you put these tips into practice, you can protect your website from most threats to a great extent. Any more suggestions from your side? Let me know in the comments!
________________________________________________________________
Author Info: Zohan is a 15-year-old student. He is also a part-time blogger. He blogs at ScreamingTips, where he shares posts about blogging, tutorials, online business, etc. His major posts include getting on the first page of Google within 24 hours.
________________________________________________________________

Awesome post. Two great points I liked: hiding the WordPress version and not keeping admin as the username.
Thanks for such a great post!