22 Nov 2016

WordPress is a great CMS, that’s why it attracts web developers as well as hackers. If you are not taking care of your WordPress site, then chances of being hacked increase. There are some responsibilities for website and you have to take care of it. In this article we are going to discuss some of common security tips to prevent hacking attack. Let’s find out some of best WordPress Security Tips.

WordPress Security Tips for Your Website

Limit Number of Login Attempts – Limiting number of login attempts can solve a huge problem. You have to setup website lockdown to ban brute force attempt, it will lock login screen automatically whenever someone will try with repetitive wrong password. Admin can specify certain number of login attempts before it block a IP address.


Two Step Authentication

You can prevent hackers to login by using two step authentication. This method include a authentication code along with username and password, generated by WP Google Authenticator plugin. So after activating the plugin, no one can login without entering secret code even after knowing correct username and password.

Login Using Email

Usernames are easy to guess and some users keep the default username without changing it. However us of email for login looks more secure approach, because every user have unique mail address and its not easy to predict email address. Use WP Email Login or any suitable plugin to do so.

Change Site Login URL

Hacker and everyone who use WordPress know that where to access the backend of website and it increase the chances of hacking. So you have to customize login page URL in order to secure website. For example You can change login URL yourdomain.com/wp-admin to yourdomain.com/. You can use third party plugin to do it.

Remove Unwanted Plugins

WordPress is all about customization and plugins, at the beginning possibly you could install lot of plugins but later you found most of them are useless. Plugins need regular updates, if you are not updating them it will make your website unsecured. So it’s better to delete unwanted plugins.


Consider Automatic Core Updates

Stay updated is the most important thing to keep your website secure and safe. According to some researches most of hacked WordPress websites had older version then current. If you are running on previous versions of WordPress hackers can use it to attack your site.

Avoid Sharing Hosting

Sharing hosting increase the chances of being victimized by hackers, you may sure about security of your website but other websites on same hosting server may have vulnerability. You have to choose the best hosting you can afford.