Few Impotant Steps In Securing Your WordPress

Jul 7, 10 2:34 AM
Author Categories Old Posts

Here are the few tips to secure your WordPress website:

  • Create a .htaccess file for wp-admin directory (that’s, wp-admin/).  What this does is to prevent someone accessing your wp-admin directory as it contains important files that you would want to prevent hackers to have knowledge of.  Plus, if you have got files with insecure permissions in wp-admin, hackers may have the ability to access the files and do damages to your WordPress website.  With the codes below you can permit specific IP address to access wp-admin through web browser, all other IP addresses will not be able to access wp-admin directory.
    • Add the codes below to .htaccess file in wp-admin
      • <Limit GET POST PUT>
        order deny,allow
        deny from all
        allow from [enter your IP address here, and remove the square brackets]
        </Limit>
  • Download Secure WordPress plugin here, install it, and enable the options that are made available within its setting.
  • Using the commands below if your WordPress website is hosting under Linux operating system.  These commands should be execute at root directory such as public_html.  By using these two commands, you’re making sure that all files and directories are set with correct permissions.  Directories should be under the permission of 755, and files should be under the permission of 644.
    • find . -type d -exec chmod 755 {} \;
    • find . -type f -exec chmod 644 {} \;
  • Move wp-config.php to one level above public_html (that’s, your WordPress root directory).
  • Edit wp-config.php, and make sure you have a very strong password for your WordPress database.  Don’t forget to make sure that your WordPress database’s user has the same password that you had for wp-config.php.  You can use phpmyadmin to change your database’s user password.
  • Whenever you install a new plugin, make sure that you’re installing a well known plugin.  Some plugin could have codes that may make your WordPress website vulnerable to hackers.
  • Always update the installed plugins to the newest versions!

Got a tip for me on how to secure WordPress website even more?  Don’t be shy to write a comment or two about your WordPress security tips.

Advertisement

Add Your Comments

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 138 other followers