Since WordPress is a self-hosted then you and your hosting company are responsible for WordPress Security. In this post, I am going to teach you how you can secure your WordPress blog from hackers with the help of some tweaks and plugins.
I try my best that every new blogger can do these task so these steps are very easy and you just need 1 hour to complete all tasks.
Ok Lets Start
What You Will Learn
- 1 Choosing Hosting Wisely = More WordPress Security :
- 2 Keep Your WordPress Updated:
- 3 Choosing Themes and plugins:
- 4 Make Your Password Strong:
- 5 Change Default Username:
- 6 Disable File Editing:
- 7 Change WordPress database Table Prefix:
- 8 Move From Http To Https:
- 9 Add Security Question in your Admin log in Page.
- 10 Make Backups:
- 11 How To Recover WordPress Blog:
- 12 Bonus Tips:
- 13 Conclusion:
Choosing Hosting Wisely = More WordPress Security :
Very first thing you need to choose best and reliable hosting for your blog. I recommended you to go with Bluehost one of the best company so far with all features you need. Like Support, Cpanel etc. My All Blogs is Hosted on Bluehost.
Blue is also recommended by WordPress and many top bloggers from worldwide. There are many others best-hosting company’s for your blog if you cant afford Bluehost. Here are the links to other hosting companies for your blog (HostGator) (Inmotion). These are the best companies for your blogs.
Keep Your WordPress Updated:
For Increase your WordPress security It is recommended that whenever WordPress release updates just go and update. Why because WordPress improve his security and permanence in updates. So hackers don’t know about it and your blog ll not compromised and Hacked.
Choosing Themes and plugins:
Think ten times before applying themes or plugins on your blog. I recommended you to spend some bucks and buy a premium theme for your blog instead of free themes. Chances high that free themes can contain some virus code or hacker codes. The Internet is full of mulled themes and plugins but doesn’t go with them.
The Internet is full of mulled themes and plugins but doesn’t go with them.Choose premium theme because theme comes with support and not include any bad codes.
Note: One line of code can hack you blog fully.
What Theme I recommended (Well I am on Genesis custom child theme). If you know how to code a genesis theme. Then I recommend you to go with (Genesis Framework).
Make Your Password Strong:
I know for newbies remembering password is the very difficult task but nowadays hackers are so smart they attempt to recognize your passwords with many software’s and bots. Let me give you a tip whenever you set the password, for example, your password is (newbie555). Its easy to hack so add some characters like ($$newbie555$$##) that’ a strong password. Its take unlimited years to recognize your pass.
Change Default Username:
Now thanks to hosting companies and WordPress for taking action to change this thing. In old days if you install then your username and password is the admin so its easy for a hacker to hack your blog with brutal force attacks.
Install WordPress software in your hosting carefully likes set the custom password and username for your blog if you see that your pass and username is the admin.
You can also change your username from the database.
- Open PHPMyAdmin from your hosting and click on users tables.
- under settings click pass and change your username.
- Save and go.
This is one of the most important thing for your wordpress security.
Disable File Editing:
WordPress come with inbuilt file editing section like you can edit your plugins and theme files from WordPress admin section. But it’s not good some can edit your files and themes and add virus code in it so for safety disable this how to see below.
Go to your hosting panel and open the wp-config-PHP file from your blog root folder then add below code.
// Disallow file edit define( 'DISALLOW_FILE_EDIT', true );
Done your file editing is disabled no one can change your files code from WordPress dashboard.
Change WordPress database Table Prefix:
By default, WordPress add the (wp-) name in your database tables and hackers can easily guess what your blog database table name. I recommended you to change it With Like (wp- 54444 etc ). How to see below.
- Go to WordPress dashboard and click plugins and add a new plugin.
- Install and activate (DB Prefix) Plugin.
- Got to plugin settings.
- Enter existing prefix name then enter your new prefix name.
- Done your database table name change successfully.
- You can delete this plugin after this.
Move From Http To Https:
All know that google loves https and also with https your blog security ll increase. Because every data from your blog become encrypted and make difficult for hackers to hack that.
You have to read this one of my guide for https.
Add Security Question in your Admin log in Page.
If you add a security question to your admin login page then its make your WordPress blog more secure with an extra layer like no bots can access your blog, admin. Only authorize members can log in your blog.
How to add security question see below.
First, you need to install and activate (WP Security Questions) Plugin.
After activation just visits his settings and configure as your requirements. Done
I see many newbies who not cares about backups but what happen when your site get hacked or deleted. I recommended you to make the backup of your blog every month or 2 months.
How There are many plugins out there like backup buddy vault press and nowadays hosting companies give free backup options so you can easy make backups.
How To Recover WordPress Blog:
Recently I suffered from hacking attempt my blog was hacked by someone but I manage to recover my blog. I recommended you to read this one of my guide that how I recover my WordPress blog.
- Remove inactive users from your blog.
- Install security plugins like (All in one security).
- Always scan your blog after every week with virus plugins.
- Remove unused FTP accounts.
- Remove unused database tables with (Plugins Garbage Collector) plugin.
That its I hope you like this post and your WordPress blog is now more secured and no one can hack your blog easily. Anyhow again recommended you to check your blog every week or month for bad activity. This ‘ll help you make your blog more secure.
Don’t forget to share this post with your other friends. And help them to secure their blogs.