Today I’m gonna share some interesting stuff with you.
I’ve been using Limit Login Attempts plugin for several weeks now (to know who is trying to access my WP dashboard – this plugin sends with the IP address if someone tries to access my blog).
Since then I’m averaging 4 to 6 attempts daily!
You heard it right. It’s 4 to 6 (WTF!!)
When I opened my gmail account, today again I saw one more message notifying me that you’ve encountered 6 login attempts.
Here’s the image..
So… this made me bit annoying and I immediately posted it on Facebook saying how to secure my WP blog.
After all, I’m investing my efforts, money and everything else to develop this blog. So, I’ve to take care of it right?
Immediately Syed Balkhi and few others responded with some powerful security tips which I want to share with you now.
I hope you don’t neglect this post..
Tip 1: Secure your WP admin directory
This tip was given by WP guru Syed Balkhi from WPBeginner
Tip 2 by Thomas Frank from CollegeInfoGeek
He gave me bunch of security tips (every tip is just awesome!)
Tip 3: Use .htacess and .htpaswrd files to allow only your ip to access the admin panel
This tip was given my best buddy Ahmad Awais from Freakify.com
Tip 4: Don’t neglect your primary email address too!
This is my personal security tip on saving your WP blog from the hackers. Don’t use easy passwords even for your primary email addresses which use on your WP blog.
Because, they may get your WP login details easily if they know your primary email address details. So, beware of that!
Now, it’s my turn to share some security tips to secure your WordPress blog.
How to Secure Your WP Blog?
What you must do to secure your blog?
If you’re still using admin as your username, immediately change it some other name, not even your original name. That can be easily cracked by others people.
So change something into complex, where others can’t guess it easily.
But how you can change your username?
Don’t worry.. I’ll show you the exact steps which I used to change my username.
Follow these 5 easy steps..
Step 1: Login to your cPanel
Step 2: Scroll down to the databases section and click on phpMyAdmin
Step 3: Now, you need to select the database that you’re using
Step 4: Click on the table wp_users on the left hand side. Then click edit on the username that you want to edit.
Step 5: Change the user_login value to whatever you want. And replace ‘admin’ to some complex name!
Now, hit the Go button
Now login to your site with your new username.
How strong is your password?
Goto this site to know how secure is your password
Essential WordPress Security Plugins
WP Security Scan - This plugin will scan your entire WordPress installation and it will suggest you regarding security vulnerabilities like
- database security
- file permissions
- admin security etc
WordPress Database Backup - This will help you backup all your core data and other content of your choice to the destination your choose on hard disk, email or remote server.
AntiVirus - This keeps your blog protected from spam and malicious scripts.
Limit Login Attempts - It limits the amount of times an IP can try to log in before locking it out for a specified amount of time. You can also configure it to lock out that IP for a much, much longer time upon a certain number of lockouts. This is the plugin which I personally recommend.
SI CAPTCHA Anti-Spam - places a CAPTCHA on your login page. This, coupled with Limit Login Attempts, should keep out brute force bots forever.
Want to still increase your WP security?
Check out these two articles..
- How to Beef Up Your WordPress Security
- How to Password Protect Your WordPress Admin (wp-admin) Directory
Don’t neglect the security of your WP blog, there are so many security attacks happening everyday. So, make sure you’ve powerful security for your WP blog.
Do you have any more WP security tips?