5 Basic WordPress Security Tips (Beginner's Guide)
In this tutorial I will guide you through 5 basic WordPress security tips (a beginner's guide) that will help you keep your blog safe and secure from attackers and malware. WordPress always faces security challenges,
so this tutorial will help you secure your blog against hackers and malware.
- Always Stay Up to Date with Plugins & WordPress Version
- Secure Admin Account (wp-admin)
- Be Careful with Contributed Plugins
- Hide WordPress Version
- File & Directory Permissions
Always Stay Up to Date with Plugins & WordPress Version
Always check that your plugins and WordPress version are up to date. WordPress has a good feature (update notifications) that helps us keep our blog secure, but we ignore it. So always check the versions of the plugins and of WordPress you are using in your blog; if you are using an old version of a plugin or of WordPress, update all plugins and WordPress.
Secure Admin Account (wp-admin)
When we install WordPress for our blog, we always keep the default username and password (username: admin, password: admin), which really helps attackers hack your site easily.
Notes: Never use admin, the default provided by WordPress, as your username.
Username: use numbers in the username.
Password: always use special characters (#@&*%_) in the password; that will secure your blog.
Be Careful with Contributed Plugins
Most people are not aware of custom-built plugins; they just visit the official WordPress site, download a plugin from there and use it in their blog. Sometimes, during installation and activation of a plugin, the site shows a white page and stops working. So always be careful with plugins.
Hide WordPress Version
Sometimes we are busy elsewhere and cannot check which WordPress version we are currently running, and that helps hackers attack your blog or website.
In that case, hide your current WordPress version from the WordPress header.
Notes: if you are using an old version of a theme, remove the following line from it.
Remove : <?php bloginfo('version'); ?> from header.php
If you are using a newer version of a WordPress theme, just add the following line to the theme's functions.php.
add : <?php remove_action('wp_head', 'wp_generator'); ?>
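To confirm the change took effect, the following added example (not part of the original tutorial) scans a saved copy of your own page and RSS feed for a disclosed WordPress version. It also checks the feed because remove_action('wp_head', 'wp_generator') only affects the HTML head, while feeds print their generator through separate hooks. The function names, sample markup and the version 0.0.1 are constructed for illustration.

```python
import re
from html.parser import HTMLParser


class GeneratorMetaParser(HTMLParser):
    """Collects WordPress versions announced by <meta name="generator"> tags."""

    def __init__(self):
        super().__init__()
        self.versions = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() == "generator":
            m = re.match(r"\s*WordPress\s+([\d.]+)", a.get("content", ""), re.I)
            if m:
                self.versions.append(m.group(1))


# RSS 2.0 feeds carry <generator>https://wordpress.org/?v=X.Y.Z</generator>
FEED_GENERATOR = re.compile(
    r"<generator>\s*https?://wordpress\.org/\?v=([\d.]+)\s*</generator>", re.I)


def find_version_leaks(html="", feed=""):
    """Return (location, version) pairs for every disclosure found."""
    parser = GeneratorMetaParser()
    parser.feed(html)
    parser.close()
    leaks = [("html-head", v) for v in parser.versions]
    leaks += [("rss-feed", v) for v in FEED_GENERATOR.findall(feed)]
    return leaks


# Constructed samples; 0.0.1 is a placeholder version number.
HTML_BEFORE = ('<html><head><meta name="generator" content="WordPress 0.0.1" />'
               '</head></html>')
HTML_AFTER = '<html><head><title>My blog</title></head></html>'
FEED = ('<rss version="2.0"><channel>'
        '<generator>https://wordpress.org/?v=0.0.1</generator>'
        '</channel></rss>')

if __name__ == "__main__":
    print("before:", find_version_leaks(HTML_BEFORE, FEED))
    print("after: ", find_version_leaks(HTML_AFTER, FEED))
```

An "rss-feed" result that remains after the theme change means the feed generator line is still being printed.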
File & Directory Permissions
File and directory permissions play a very important role in protecting an application or blog from hackers, so make sure you don't have file or directory permissions of 0777 or 0755. These are read and write permissions and break the security of our blog.
So always use the 0655 read-only permission; that will help secure our blog.