7 WordPress Security Tips for Beginners

WordPress Security Tips

To secure WordPress blog and prevent or protect yourself from an attack or loss of information, I recommend the following WordPress security tips:

Backups. San Backup

Make regular backup copies of the database and files from the hosting control panel or with a plugin. It is important to download and try them!

Strong passwords

We must put strong passwords to users and change them regularly and do not use them elsewhere. They must contain at least 9 characters with combinations of uppercase and lowercase letters and numbers.

Don’t use admin user

The first thing a hacker does to try to enter with the admin account, so it is necessary to change the admin user name to another name when installing. If you have already created it, it cannot be deleted, but it can be demoted to a subscriber and create another administrator with another name.

Use latest WordPress version and update plugins

Install or update to the latest version of WordPress. Fix security holes. Before updating you should be careful to check that it is compatible with the current plugins you have installed and the current theme.

It is also important to check that you have the latest version of the plugins you use and that they are compatible with the version of WordPress you use.

Use plugin that limits access attempts

The Plugin Login Limit attempting limits the number of attempts to access the administration panel to avoid a dictionary attack from the same IP address using cookies. http://wordpress.org/plugins/limit-login-attempts/

Delete unnecessary files after installation

Delete install.php and readme.html files. After installation we don’t need them anymore.

Use secret keys

Generate secret keys in the wp-config. To generate the keys we will have to visit the URL indicated by the wp-config.php file, which is https://api.wordpress.org/secret-key/1.1/salt/

Use a security plugin

WP- Security Scan. This plugin checks your blog for vulnerabilities and suggests corrective actions such as:

  • Keys.
  • File permissions.
  • Database security.
  • Hide version.
  • Admin user protection.
  • Remove META tag from Wp from code.

More information:

http://wordpress.org/extend/plugins/wp-security-scan/

And you, what security tips do you include in your WordPress?

Be the first to comment

Leave a Reply

Your email address will not be published.


*