It's an unfortunate reality of the Internet today that there are people out there who would like to hack your WordPress blog. It's possible that you may have made an enemy who would like to get back at you by hacking your site, but more frequently hackers are simply looking for an easy target. Here are 10 ways to ensure that you aren't that easy target.
Upgrade WordPress: Perhaps you have wondered why WordPress releases a new version of its software every few weeks. Thousands of people go over the Wordpres code every day in an effort to improve it. A lot of the time, they are trying to plug up security vulnerabilities which hackers have figured out how to exploit. By upgrading regularly, you can be sure that you have all the latest security fixes.
Update Plugins: Many times, hackers will figure out how to gain access to your blog through a vulnerability in one of your plugins. The creators of these plugins often release updates that are more secure, which is something you should take advantage of by updating them regularly.
Hide Your Plugins: If the hackers don't know which plugins you have, then they won't know where to begin trying to hack your site. The way they find out which plugins you have is by looking in your /wp-content/plugins directory. If you create a blank document, save it as index.html, and upload it to this directory, you can prevent anyone from accessing this information. Alternatively you can block the standard file list from showing with .htaccess.
Get Rid of "Admin": Do you still use "admin" as your username to log into your account?
If so, you are making things much easier for hackers. If they know the username of your administer's account, then hackers already have half of the information they need to break into your account.
Stronger Password: If your password is something like "wood floor", then it can be extremely easy for hackers to guess. They can often simply use a program which guesses your password based on dictionary entries. Create a lengthy password made up of upper and lower case letters, numbers and characters in no particular order and avoiding dictionary words.
Login Securely: One way that hackers will steal your password is by intercepting it through the network while it is on its way to WordPress. You can solve this problem by installing the Chap Secure Login plugin. This plugin will automatically encrypt your password when you login, so the hackers will only be able to see your username.
Remove Your Version Information: Often, hackers will attack your site based on the version of WordPress you are running. If they don't know which version you are running, they won't know how to attack your site. Install WP Security Scan to remove the identifying code from the header and feeds.
Prevent Brute Force Attacks: One of the simplest ways for hackers to break into your account is to try different passwords over and over until they find one that works. The easiest way to prevent this is to use the Login LockDown plugin. If someone fails to guess the correct password 3 times within a 5 minute period, this plugin will prevent them from even trying again for the next hour.
Scan for Security Holes: The WP Security Scan plugin will automatically scan your blog and let you know if there are any problems with it that you should consider fixing. It lets you quickly change your files permissions, verify your htaccess file, and detect break-in attempts.
Get Maximum Security: Currently in beta, Maximum Security is a full featured security platform for WordPress blogs. This plugin will allow you to prevent hackers from browsing all your site's files and adjust your firewall settings. It can be a full time job keeping your site secure and free from hackers. If you implement some of these tips, much of the work can be done for you automatically.
As a full time blogger, Tom Walker works for an online supplier of ink cartridges where he is the lead editor at the CreativeCloud. He covers topics as varies as vintage advertising to packaging design.
If so, you are making things much easier for hackers. If they know the username of your administer's account, then hackers already have half of the information they need to break into your account.
As a full time blogger, Tom Walker works for an online supplier of ink cartridges where he is the lead editor at the CreativeCloud. He covers topics as varies as vintage advertising to packaging design.