Having your WordPress site hacked is no fun :( especially if it could have been prevented.
Here is a list of 7 beginner friendly and easy to implement WordPress security tips that will help you improve the security of your WordPress site. Browse more basic and advanced WordPress Security Tips.
1
Keep WordPress Up-To-Date
Do not ignore WordPress updates.
There's a good reason why WordPress is asking you to update as updates are released for a reason.
They often make your site more secure by closing down and patching vulnerabilities.
2
Username Should Not Be Admin
Do not use "Admin" as your administrator username.
"Admin" is the default username for WordPress admin users. Everybody knows this, including hackers.
Keep passwords long (at least 8 characters) and difficult to guess (use combination of lower and upper case and symbols). If you can try to change passwords every three to six months.
4
Do Backups Often
Backup WordPress regularly.
There are a bunch of plugins available for creating regular WordPress backups. WordPress Backup to DropBox is the best free plugin which allows you to backup your site to Dropbox and VaultPress is the best paid plugin and comes with more options.
5
Avoid Free Themes & Plugins
Be extra careful of free themes and plugins.
Hackers are known for adding viruses, malicious code and encrypted links to plugins and themes and then offering them to be downloaded for free.
WordPress.org is the safest place do download themes and plugins.
6
Disable Pingbacks & Trackbacks
Pingbacks and trackbacks used to be popular but today most users don’t care about them and they can used by hackers to trigger distributed denial-of-service attack (DDoS) attacks.
Disable this by going to Settings > Discussion and then untick the “Allow link notifications from other blogs (pingbacks and trackbacks)” option.
7
Prevent Brute Force Attacks
Stop hackers "brute forcing" their way in.
By default, WordPress allows users to enter passwords as many times as they want.
To prevent this go and install and activate the Login LockDown plugin, in the settings you can define how many login attempts can be made.
Review Squirrel is an independent review website founded in 2015 that reviews and compares the best products, services & software for starting a small business websit...