Home Web Development WordPress 10 Useful Tips to Improve Your WordPress Site Security

    10 Useful Tips to Improve Your WordPress Site Security

    WordPress is a very flexible and easy to learn CMS, on which you can implement almost any modern task. And these are just two of dozens of other reasons for its so high popularity. You need to understand that the popularity of WordPress is high in hacker circles. Therefore, it will never be superfluous to secure your site. Moreover, this is not so much and you need – just a few minutes of free time.

    I’m going to introduce you to 10 simple but very useful tips for improving the security of your WordPress.

    1. Never use the default admin name as the administrator username

    If for some reason this happened, just create a new admin user and delete the old one. Before deleting it, WordPress will ask you which user to associate the posts of the user to be deleted.


    2. Create complex long passwords using letters, numbers and various characters

    According to statistics, the most commonly used passwords are “123456”, “password”, “12345678”, “qwerty” and “123456789”. Naturally, sites with such passwords do not last long. It’s good if your password is not a dictionary word, it will have at least 15 characters, including lowercase, uppercase letters, numbers, and symbols.


    3. Use two-factor authentication

    For example, using the Rublon plugin or any other – the choice is wide enough. Two-factor authentication provides more reliable protection against unauthorized access and is already familiar to many users who use Internet banking, Google services, iCloud, DropBox, etc.

    4. Be sure to turn off the prompts in the WordPress login form

    After all, you know your username and password even without hints, even if you make a typo. And to the attacker, this information will only simplify the task of hacking. To do this, add a few lines of code to the functions.php file.


    5. Use plugins only downloaded from the official WordPress repository

    In an extreme case, with well-known proven resources such as CodeCanyon, GitHub always have positive user reviews. Never install hacked plugins downloaded from warez. Of course, if your site is dear to you.

    WordPress Tools and Plugins


    6. Timely update WordPress, themes and plugins to the latest versions

    Developers regularly release updates that close all discovered vulnerabilities. Current versions not only improve WordPress performance and compatibility but also significantly reduce the chance of hacking your site – this is a fact.


    7. Keep your WordPress clean

    Never store unused plugins and themes on the server. As a last resort, archive.


    8. Disable trackbacks

    There is little benefit from them, but they will certainly bring you troubles. Using WordPress trackbacks, cybercriminals can generate massive requests from such sites for the victim site, thereby causing a massive DDoS attack. Just go to your WordPress discussion settings and uncheck “Allow alerts from other blogs (notifications and trackbacks) to new articles. 


    9. Set the correct permissions for all files and directories on your site

    For directories, this is 755, for files, 644. You should be aware that giving permission to a file/directory to write (or worse still full access – 777 ), you expose your site to a serious threat. You can learn more about rights in the WordPress Codex.


    10. Prohibit viewing the directory index of your site

    Very often, a crookedly configured server in the absence of index.php or index.html files in the directory displays a list of directory files. Attackers can take advantage of this. To avoid this, add the line in .htaccess. Also, make sure that the wp-content/themes and wp-content/plugins directories have an empty index.php file.

    Editor's Pick

    Flutter vs Android Studio: Which is Better?

    Here begins the brief assessment of Flutter vs Android Studio. Flutter UI development kit developed by Google. This Flutter framework is...

    Cybersecurity 101 – How to Spot the Most Common Types of Malware

    The internet is a marvelous invention, but just as any great thing in life, it can often be a double-edged sword. You...

    10 Efficient Link Building Tactics for Ecommerce Stores

    Good organic ranking in search engines is essential for any eCommerce business, and link building is a powerful method to achieve it....

    11 Best Video Presentation Softwares To Up Your Presentation Game

    Have you got a major presentation coming up? Wish to attract the attention of your audience? The best way to ensure that...

    Top 3 Cameras For Recording Podcasts in 2020

    Video podcasting is a new and effective way of sharing, and airing your opinions. The platform gives a wide range of advantages...
    10 Useful Tips to Improve Your WordPress Site Security 2
    Vaibhav Jain
    Vaibhav is a specialist in Website Development whose goal is to never write a boring article. His enthusiasm for online business has spanned over two years, accompanying his articles with thorough knowledge about Website Development and many other topics. He also enjoys playing Cricket and is a Fitness enthusiast.
    Notify of
    Inline Feedbacks
    View all comments
    Would love your thoughts, please comment.x