Protecting any website from hackers is always tedious job especially if its WordPress powered one. Across the globe there are more than 25% websites are powered by WordPress due to its flexibility, ease of use and more over it free.
Due to wide spread of WordPress CMS (might be blogging platform), hackers gets lot of chances to find such a website so easily and try to hack them mostly using brute force techniques, might be your WordPress powered website or blog will be a next victim for the hackers. Here we share some quick tips about how to protect your WordPress website or blog from web hackers like pro.
1. Update WordPress into Latest Version
Periodically keep updated WordPress installation into latest version. Now a days, WordPress automatically update itself (3.7 onwards) without any manual intervention, if you are using WordPress older versions, update it immediately via WordPress dashboard.
2. Never use default login name
When you install WordPress never use default login name as ‘admin’, instead use some unique login name other than name of website name which is hard to guess by hackers. Always prefer unique and easy one to remember for you.
In case, if you had already installed WordPress with default login name, you can easily rename it by installing Admin renamer extended WordPress plugin as easy as possible as illustrated below.
If you are didn’t prefer to install any plugin, you may rename default login name via cPanel phpMyAdmin database manager. But if you are absolute beginner, rename default login name via phpMyAdmin is not advisable. If something went wrong, website might be broken and inaccessible. Simply watch the below video and follow the steps to rename the default WordPress login ID into custom one without installing WordPress plugin or accessing phpMyAdmin.
3. Use secure passwords
Never choose easy to guess passwords, Always use secure one which contains 10+ more characters, which included with alphabets, numbers and special characters such as ‘password&$#6524‘ otherwise use Lastpass, WolFramAlpha online password generators to get secured one.
Beautiful Multipurpose WordPress Themes You May Like…
- ENJOOY Responsive Multipurpose WordPress Theme
- Hazel Ultimate Responsive Creative WordPress Theme
- Loriette Responsive Real Multipurpose WordPress Theme
- Dastak The Real Multipurpose Responsive WordPress Theme
- Exist Multipurpose WooCommerce WordPress Theme
- X – The Theme Ultimate Multipurpose WordPress Theme
- OVNI Responsive Minimal Multipurpose WordPress Theme
- Vencorp Multipurpose Corporate WordPress Theme
- PlayMag Creative Shop & Magazine WordPress Theme
- Igora Creative Responsive Multi Concept WordPress Theme
4. Rename default login URL
By default, able to login to WordPress admin panel via ‘wp-login.php‘ URL which is easy to access for hackers. Instead of using default login URL rename it differently something like ‘adminlogin.php’, ‘loginpage.php’ or something unique by installing Custom Login URL wordpress plugin and rename the login URL as shown below.
5. Add reCAPTCHA to login page
reCAPTCHA protected login page is yet another security layer even through you have followed all above instructions. Install WordPress ReCaptcha Integration wordpress plugin protects website against spam, malicious registrations and other forms of attacks where computers try to disguise themselves as a human. In order to work with above plugin, you have to get API key by signup with Google reCAPTCHA using existing google account and this service available absolutely at free of cost.
6. Change the database prefix
When you installing WordPress, it will automatically uses ‘wp_’ as database table prefix by default, to protect website from hackers use different prefix other than default one something like ‘ze_’ or ‘hs_’ or preferred one for you.
In case if you already installed WordPress with default table prefix ‘wp_’, you can edit it via phpMyAdmin database options table. If you are not an advanced user, we recommend you to install Change DB Prefix WordPress plugin and rename default WordPress database prefix in simple steps. Once you have finished editing database prefix, Change DB Prefix plugin not required any more. You may uninstall and remove the plugin.
If you found the above article very useful for you, don’t forget to share it via social media sites using below share buttons. It might be useful for everyone who looking to protect their WordPress powered website.