How to prevent wordpress site from being hacked – Secure WordPress

This site is hacked by Anonymous! Do you want to see this in your website? N0! No one wants their site to be hacked by some cyber How to prevent wordpress site from being hacked - Secure WordPresscriminals. There is a study that says that several thousand sites are hacked every year and the majority of hacked site runs on WordPress.

You know WordPress is the popular blogging platform, 19% of web runs on wordpress as it is easy to use and you know what it’s easy to hack too if you don’t take security precautions.

“Prevention is better than cure” This post helps you in different ways on how to prevent wordpress site from being hacked.

How to prevent wordpress site from being hacked

Change your wordpress username

Are you still using username admin for your login? It’s really bad because first thing hackers do is go to your login page and type the username admin. My first advice is to change the username to something personal by creating new user in admin panel and set its role to administrator.

Related: How to change wordpress username admin for security

So what to do with username admin? You don’t need to delete the username admin just change its privileges (role) to subscriber and then enter something in the e-mail field that do not exist.

Use strong password for all entriesHow to prevent wordpress site from being hacked - Strong passwords

This is the second step you need to carry out. Once you created a new username make sure to set a strong 14-18 digit password, I know it’s hard to keep in mind so save it in some place secret.

Related: How to password protect wordpress admin directory

Now change the password to your Cpanel. If your Cpanel password strength is low then hackers can easily enter your control panel it’s like (thief entering a bank having permission to steal all lockers).

Related: how to use Filezilla FTP client | Limit login attempts  in wordpress dashboard

Change the password to FTP. It’s better not to give same password for FTP that you are using for cpanel.

[box style=”light-blue note rounded” ]Don’t use passwords like hobbies, birthdays, pet names, native places which will be easy to find. Use all symbols, uppercase, lowercase and numbers (Eh2#%@iVUd-) better to use a password generator.[/box]

Update plugins and wordpressHow to prevent wordpress site from being hacked - Update plugins and Themes

Keep your wordpress and plugins updated as there are chances for hackers to exploit hole to your site with older versions as there will be some security bugs with the older versions. Don’t need to search for any updates you will be notified if there are any new updates to wordpress and plugins in your admin Dashboard.

Block search engines to access admin areaHow to prevent wordpress site from being hacked - Block Search Engines

This is another way hackers can easily access your site if your site’s admin page and other details found on search engine. It’s better to tell search engines not to index the admin area and the wordpress folder.

How to tell? Copy the code below and paste it in notepad and save it as robots.txt and upload it to your root directory http://yourdomainname.com/robots.txt

User-agent: *
Disallow: /cgi-bin/
Disallow: /wp-admin/
Disallow: /wp-includes/
Disallow: /wp-content/plugins/
Disallow: /wp-content/cache/
Disallow: /wp-content/themes/
Disallow: /trackback/
Disallow: /feed/
Disallow: /comments/
Disallow: /category/*/*
Disallow: */trackback/
Disallow: */feed/
Disallow: */comments/
Disallow: /*?

Install security plugin

Installing a plugin for security makes you a little stress free and they are most effective way to protect your wordpress site with less effort.  I have found out these two plugins that gives (not complete), but good protection to your site, but don’t use both plugins at a same time. Note: Backup your site before installing this plugin.

Better WP Security – It changes the url of login, dashboard and this plugin changes the database table prefix with the default one wp_ to something you like. You can also set away mode for login by doing this only you can login at the time given period.

BulletProof Security – It protects your site from XSS, RFI, CRLF, CSRF, Base64, Code and SQL Injection.

Backup whenever necessaryHow to prevent wordpress site from being hacked - Backup Files

If you own a blog backup your site frequently as you make more post day by day. In case hacker enters your site and erases all your content and database all your hard work is going to sink in a bad way which you can’t tolerate so backup your database whenever necessary.

You can backup your files here

Be careful when uploading

It’s one more thing you should be careful with. Do not download themes and plugins from torrents and file sharing sites since it may have some malicious program injected in it.  Once you upload these files to your server it has the possibilities of entire site affected in that server.

Use this service website malware scanner to scan your website. It shows any malicious files found on your website.

With all the above mentioned methods I can’t guarantee you 100% that your site remains safer, but by doing this your site will have the very least chance of getting hacked.

Now you have got an idea on how to prevent wordpress site from being hacked. I will share more advanced security to your wordpress site. Get the latest updates and post notification by subscribing.