Home » Groups » Tips

Category: Tips

Tips for WordPress Blog Security

Your WordPress web site security is only as good as your preventive maintenance you do on your site.  Here are some tips and resources to keep your WordPress site up and working safer from hackers.

  1. Update and upgrade your WordPress installation and all installed plugins. Be sure to login to your site admin and check for updates regularly.
  2. Install the security plugin listed here
  3. Ensure that your admin password is secure and preferably randomly generated
  4. Other ways of Hardening a WordPress installation are shared athttp://codex.wordpress.org/Hardening_WordPress

These other steps can be taken to further secure WordPress websites:

  • Disable DROP command for the DB_USER .This is never commonly needed for any purpose in a WordPress setup
  • Remove README and license files (important) since this exposes version information
  • Move wp-config.php to one directory level up, and change its permission to 400
  • Prevent world reading of the htaccess file
  • Restrict access to wp-admin only to specific IPs
  • Create the admin account with other username and delete the original admin account with username 'admin'. As most of such attacks are on username 'admin'.
  • A few more plugins – wp-security-scan, wordpress-firewall, ms-user-management, wp-maintenance-mode, ultimate-security-scanner, wordfence,http://wordpress.org/extend/plugins/better-wp-security/. These may help in several occasions

Also, we recommend using Cloudflare, which is available free with all our cPanel accounts, to prevent the attack from affecting  your site.

If you need help with this please contact our support department at GeekZoneBooks.Com