After having numerous attacks on WordPress (my site and others) I think it’s about time I write up something about how to properly protect your WordPress site from being hacked. There are many ways to do this and more you can do the better. I’m only going to list out a few of the really easy ones that you can do in minutes.
1. Change the default Username and Password
By default WordPress uses the id “admin” and asks you to create a password. Already hackers are half way into your site by knowing your username. To fix this sign in as the admin and create a new user with Administration rights. User a unique username and password! Presto! Your first step to protecting your site is complete.
2. Install Chap Secure Login Plugin
Simple install, no settings to adjust. It basically hides your “password, during login, on an insecure channel (without SSL).”
3. Install Login Lockdown Plugin
Basically, “Adds some extra security to WordPress by restricting the rate at which failed logins can be re-attempted from a given IP range.” Simple? Yes? Let’s move on…
4. Install Secure WordPress Plugin
Changes some minor things in your WordPress installation (code wise) so that it makes your site less prone to attacks).
5. Install WordPress File Monitor Plugin
This monitors your files and alerts you of changes that may or may not be something you’re doing. Tracking your files helps to eliminate bad files if you ever do get attacked.
Want more security?
Now there are a ton more things you can do, but they are a little more cumbersome and require you to do some hands on coding of your own. If you’re comfortable with this you can visit this OneExtraPixel article where they have additional tips on how to protect your blog/site. Happy Blogging!