Is your Blog Secure From Being Hacked? We know why WordPress is the best blogging CMS (Content Management System). It is available on the web and just free. But, do you know it is not fully secure from the bad guy’s like hackers, attackers, Spammers, and other ill-intentioned attackers. WordPress is an open source software which means everyone can see its code and they can easily find security holes. Today I will tell you How to secure WordPress website from hackers.
6 Best Ways How to secure WordPress website from hackers
Here are some easy tips to make your WordPress blog more secure.
1.Secure the Theme
The first step is just to remove your WordPress generator code which you ‘ll find into your theme’s header.php file, The reason behind this if a hacker knows your WordPress version, it’s very easy to him to attack it using version-specific vulnerabilities. To remove this code simply open your header.php then find a line like:-
<meta name=”generator” content=”WordPress 5.2.2″ />
And just remove it.
Or you can Add Into your theme’s function.php remove_action(‘wp_head’, ‘wp_generator’); to Permanent Delete Your WordPress version Information.
2.Upgrade to the latest WordPress version
Keep your WordPress blog update with the latest version. You should make this habit to updates your blog when upgrade available. well, the older release has very known vulnerabilities that could be exploited by any hacker.
3.Lock your wp-config.php
Well, Wp-Config file is a very important file of your WordPress site. It contains very sensitive data like your user-name, password (which used by WordPress for creating a connection to WordPress My Sql database files. You can block access to this file by just add below code to your .htacess file.
deny from all
4. Use A Secure Username, Password
Till version 3.0 WordPress create admin user by default, Now you can choose your own user-name.try to use user-name with multiple WordPress such as “jobayer”.Always use a strong password which has a combination of lowercase letters, uppercase, and numbers in between.
5. Rename your login URL
We know that, your site’s login url is example.com/wp-admin. Hacker can easily use this URL to hack your website. But if you can change your login URL then nobody can easily try to access. There are many WordPress plugin to change your login URL. “Rename wp-login.php” is one of them. Just install and active then change your login URL form plugin settings option. This is a very simple and easy ways to secure your website.
6. Use Limit Login Attempts Reloaded plugin
Use Limit Login Attempts Reloaded plugin. Because it is the best plugin to secure your website. When someone will try to log in your website with the wrong password 3 to 4 times then this plugin will block the user IP address for a certain period. So, nobody can try to log in more time. There are many plugins as like limit login attempts reloaded. You can try them.
What Do You advise to Secure your WordPress Blog From Being Hacked? what your tips and tricks ? do share with us in comments.