Home > Technology & Gadgets > How to secure WordPress Sites

How to secure WordPress Sites

172 Views
How to secure WordPress Sites

Secure your WordPress site is the top concern for every website owner, who uses WordPress. So who is responsible for making WordPress secure? Of course, some responsibility depends on you to secure your WordPress website. If it's a matter of security for WordPress then you have to follow some security rules to secure WordPress. Here we are going to show you some tips, which are most important to secure your WordPress.

Tips To Secure WordPress Site

Choose the best hosting company for host your website

The first way to secure your website is to use a best-hosting company to host your website, which is trusted, which hosts a web hosting website, to host your website at any time. Does not use low-cost hosting companies because they do not provide better service and better coordination...

There are some great web hosting companies like Bloodstock, Hostgator Cloud, Site 5 Hosting etc.

So use reliable web hosting to host your websites for better security.

Never use Admin as the username-

A good WordPress user never uses admin as the username because the admin is the common username for the login of any website, mostly user doesn’t change their username, but we have to do it. As a good WordPress user, we have first changed our user name, it should be using our email id or any other user name. But never use the username as admin.

Set a Strong password

Basically, a user uses a password related to his domain and his email-id, and this mistake makes hacker easy to hack your website. Never use passwords related to your domain and professional email address.

Always create a password using letters, numbers and special characters. Not only use a password for the admin area, also use passwords for FTP accounts, databases, WordPress hosting accounts.

Set limit login attempts

Always set limited login attempts for secure WordPress, if anyone is trying to log in to your website admin panel, then they have entered the correct username and password in limited efforts, otherwise they will be blocked.

You can enable border login attempts easily in the WordPress Login Limit Attempt Plugin. You can change the number of login attempts by the settings> login limit attempt.

Disable File editing option

If you are using a site with many administrators, then you have to lock some features of the WordPress Admin Dashboard because if anyone logs in to your website, they have permission to edit the content of your website. is needed.

You can easily do this process by adding the following code to your file.wp-config.php.

define( 'DISALLOW_FILE_EDIT', true );

6. Disable PHP file execution in some WordPress directories-

Another way to secure your WordPress PHP file execution directories is that there is no need for anyone like / wp-content / uploads /

If you disable php file execution, and anyone logs in to your WordPress account and are trying to execute the file, then they need permission to execute the file.

Here is a simple way to disable php file directories, an open editor like notepad and paste this code.

<Files *.php>

deny from all

</Files>

Now save this file as .htaccess and upload in /wp-content/uploads/

7. Allow access WP configuration from trusted IPs only-

For safe WordPress support, you are only allowed WP configuration from a trusted IP address, do not allow all IP addresses only because of database credentials, database table prefaces, etc.

A simple way to do this by adding the code below the .htaccess file in the WP installation directory.

<Files wp-config.php>

 order allow, deny

 allow from IPAddress

 deny from all

</Files>

8.Update WP version on regular basic-

For the security of WordPress, you have updated your WP version regularly and have updated it on the regular basis.

Add the code below for the automatic updating of WordPress in the wp-config.php file in the WP installation directory.

define( 'AUTOMATIC_UPDATER_DISABLED', false );

define( 'WP_AUTO_UPDATE_CORE', true );

9. Change your WordPress login URL-

Let's say your login URL is "yourwebsitename.com/wp-admin", by default you may be targeted by hackers because they can brutally attack and crack your username and password. To stop this, you have to change your login URL.

10. Enable Web Application Firewall-

The easiest way to protect your website and the web application is to be confident about your website security by using a firewall. The firewall blocks all the malicious traffic to your website.

You can improve your WordPress security by using the suggestive firewall, it is not only a firewall provider but also another popular competitor Cloudflare.

11. Always make a backup-

Most of the above measures can be done to improve your security, no matter how safe your website is, but it will never be 100% secure, so always back up only in bad condition. Backups are things that everybody knows they need, but they do not always make it.

Most WordPress hosting providers now provide backups, because Keysta offers five types of backups, including automatic backups. You can click and restore your website.

That’s All!

 

TAGS ,
Do NOT follow this link or you will be banned from the site!