Home WordPress Tips 5 Ways to Secure Your Blog

5 Ways to Secure Your Blog

Author

Date

Updated on

Category

With WordPress being so popular its no wonder that in many ways its become a target for would-be hackers. WordPress has many doors available that if left open make your website easily accessible for hackers. But we all love WordPress and would like to use it, so how can you remain secure?

Before you make any changes according to the suggestions below, back up your blog, just in case you need to undo the changes or additions.

A few simple easy steps to a secure WordPress:

1. Stay updated

Join the mailing list for release notifications and update when announced. Staying updated is perhaps the most important and easiest thing you can do. Also, if you are running an older version of WordPress, make sure to not announce it to the world. Remove version listings from your templates that could announce what version you are running, and possibly alert hackers to exploits you have available. Make sure when updating your install of WordPress to read the Upgrading WordPress section of the codex.

Staying updated should also mean backing up your website, so if you do get hacked your website can be restored from backups. Backing up WordPress requires you to have both the database and its files. Backing up your files is as easy as clicking and dragging them to your computer via FTP. Backing up your database can be complicated for some if attempted from within your hosts control panel, but fortunately, a number of plugins exist that help automate and simplify the process.

The following plugins can help automate the database backup process, visit their websites for more information:

Visit the the WordPress codex for further details on backing up your website.

2. Permission your files

Make sure that your wp-config is not world read or writeable. Otherwise, people could steal your login information or even overwrite your login with their own. And make sure to delete your install.php after installation is complete.

WordPress codex has an excellent walkthrough on setting file permissions here.

3. Protect against comment spam

Spam can be a danger to your blog and its visitors. Comment spam can insert unwanted content onto your website. One way of protecting against spam is using plugins that track comments and trackbacks, running them through tests to check on whether they are spam and then refusing or approving based on the test results. Though it’s worth noting that this is not completely full proof and depending on the size of your blog you may even want to personally moderate commenting, or maybe even limit commenting to specific posts.

Anti-spam Plugins and additional resources on how to protect from comment spam:

4. Limit self-registration of users

WordPress supports the ability for users to create new accounts for the purpose of posting. Though this registration does allow them to subscribe as well, which gives them access to reading only. Turn self-registration off in options: general: general options: uncheck anyone can register
(see screenshot below.) or limit your readers to the subscribe role only.

members

5. Make sure your login information is unique

I’d suggest creating a new WordPress admin user account and deleting the default admin account. Its very important to create a unique password in conjunction with your name. Check out the automated password generator to create a unique and difficult to crack password.

In summary:

  1. Stay updated with your WordPress install.
  2. Permission your files.
  3. Protect against comment spam.
  4. Limit self-registration of users.
  5. Make login information unique.

Along with this post I’d recommend reading the other options available in Hardening WordPress. Don’t let your blog or website be vulnerable to attack.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Recent posts

5 WordPress Plugins to Increase Your Website Speed

 And if you’re an online entrepreneur, you probably know that making people wait is bad for your eCommerce business too — really bad.I mean,...

How to Show Only Images that the User Has Uploaded in WordPress

When using WordPress with multiple authors, many things need to be taken into consideration. The default permissions system leaves much to be desired, and...

Oxygen Builder Review

Free from all sorts of coding hassles and an abundance of options that cater to the users’ needs, Oxygen 2.0 is probably the best...

Basic Guide to Online Backup

A Basic Guide to Online Backup You may have heard of it, know you need it, but what exactly is it? Online backup is the...

Web Hosting Hub Review

How did it begin? Based in Virginia Beach, Web hosting hub has been on the market since 2001. If it were not for Web Hosting...

Recent comments