If you have a WordPress site, it is very important that you take at least the basic steps to ensure you are secure from hackers. This isn’t really ‘news,’ after all this has been known for a long time, yet still many people do not stop and consider website security when they are creating their sites. They don’t do any reading on the topic because it’s too technical and just plain boring, and far too often people think it won’t happen to them. Therefore, they also don’t do anything to protect their blog or site. The good news is that in under 30 minutes you can improve your security and not spend a cent.
#1 Change the ‘Admin’ Username
The default login for WordPress is ‘admin.’ Trouble is most users just keep it that way, making it incredibly easy for hackers to figure out your user name. Now they are already half logged into your site. Change the ‘admin’ login into something new! Be sure to attribute your admin posts to your new user before deleting the admin user account.
#2 Create a Strong Password
Your WordPress is only as strong as your weakest link, and your password is often that weak link. Hackers use software that scrolls through hundreds of thousands of words looking for a match, which is why you should not be using a real word for your password. You should also not use a logical sequence of letters or numbers. So don’t use your pet’s name, your birthday, your phone number, etc. You can use a password generator to help you if you have trouble coming up with a strong password.
#3 Delete & Update
WordPress is known for being weak on security. The reality is WordPress is only insecure when the users do not keep it current. Any part of your website that isn’t running the latest version is always at a risk of being hacked. Hackers are constantly looking for vulnerabilities and if you aren’t staying current you are at risk. So make sure you are running the most current version of WordPress, installed plugins and themes.
#4 Limit the Login Attempts
Install a plugin that will limit the number of times a person can try to login before the site shuts them down. iThemes Security Pro lets you do this. When you limit the number of times one can try to access your site, you reduce the likelihood of being hacked.
That’s it – there’s plenty more so don’t stop after you’ve done these four things, but this is a great place to start.