Keeping Your WordPress Site Secure

Online security is a big deal. Here are a few tips to keep your WordPress® website secure:

1. Update Your WordPress Website: Make sure to keep your WordPress core, themes, and plugins up to date. If you don't, you risk compromising your website's security.

If you installed WordPress through your hosting account; Log in to your WordPress admin panel, From the Dashboard click Updates, Follow the on-screen directions to update your WordPress website.

2. Install Login LockDown (https://wordpress.org/plugins/login-lockdown): Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

3. Install and Setup 2-factor authentication (https://wordpress.org/plugins/miniorange-2-factor-authentication).

4. Install and Setup Akismet Plugin (https://wordpress.org/plugins/akismet/): Akismet checks your comments and contact form submissions against Akismet's global database of spam to prevent your site from publishing malicious content.

5. Use email as login: By default, you have to input your username to log in. Using an email ID instead of a username is a more secure approach. The reasons are quite obvious. Usernames are easy to predict, while email IDs are not.

6. Password-protect the wp-admin directory.

7. Use very strong passwords.

8. Use SSL to encrypt data: You will get an SSL free with any SpeedyConnect.net Hosting Package.



Friday, June 2, 2017



« Back