Computing Magazine

How to Secure Your WordPress Blog

Posted on the 23 April 2017 by Dreamtechie

Life as a blogger is hectic enough. The risk of hacking is the last thing you would want on your plate.

Not to miss mentioning the pain and agony of having all your hard work go down the drain. So, the best way is to prevent the calamity through protection.

How to protect your beloved blog? We tell you how in this article.

To begin with, WordPress is one of the world's widely used Content Management Systems (CMS). it is the platform chosen by web sharks like Facebook, Mozilla, eBay, CNN, to name a few.

Sadly, it is also the favorite play arena for hackers. According to a study conducted by WPwhitesecurity, at least 70% of WordPress installations are hacke-prone.

But, you can keep your website hack prone with these security shield hacks that experts advise.

Secure your login

If you have set 'admin' as the default username for your WordPress blog, you are one among the million WordPress admins whose block can be easily hacked into. The username 'admin' is easily guessable and hence can be broken without breaking a sweat.

Think of a better username. A username that you can easily remember but someone can never guess about. Secondly, consider setting the login page with a captcha to prevent bots or virus programs from finding their way into your system.

How to secure your WordPress blog

Hide or change admin URL

WordPress provides a default admin login URL which goes like: However, admins can modify the login page URL to something else so that it is beyond the reach of hackers. In a way, it is like hiding the gateway to your blog.

You can change the admin login URL manually or use a security plugin to do it. Most security plugins also come with the option to change your login url to a custom one. Try WordPress' very own Wordfence to set a custom admin login URL.

Enable Two Factor Authentication

What if your password is stolen? Anybody can gain access, right? Well, not exactly if you have put in place two factor authentication.

Two-factor authentication will demand an additional token or one time password other than your preset password. The token or password is usually received as an one time password on your phone, or as a hardware USB key as Facebook has recently provided. This ensures that anybody who has stolen or got your password is unable to access it.

How two-factor authentication works:
How to secure your WordPress blog

Block suspicious IP addresses

A particular IP address popping up repeatedly on the failed login attempts is not a good. Genuine users know how to sort out the forgotten password issue. In other cases, it could probably be hackers trying to break in using multiple username or password attempts.

It is better to spot and block such IP addresses than take the risk of letting them inside the system. You can use settings in your C-panel or use WordPress security plugins to block suspicious IP addresses.

Configure WordPress security plugins

WordPress security plugins provide all necessary features required to protect your blog from hackers. They come with essential features like vulnerability assessment, malware scanning, DDoS protection, etc. that keep your blog safe and secure.

You can pick a good security plugin after considering factors like:

  • Download count
  • Average user review
  • Update frequency
  • Pricing

Wordfence, iThemes, Sucuri are some of the top names in WordPress security plugins. There are still more options available in the market you can consider for your WordPress blog.

Upgrade the latest version

WordPress releases updates and security patches to plug the security lapses in the previous versions. So, make it a point to update your WordPress CMS on a regular basis.

Also, update all WordPress plugins and extensions that you are using. According to security pioneer Sucuri, 25% of the WordPress security compromises occurred during 2016 were due to 3 outdated plugins - RevSlider, GravityForms and TimThumb.

How to secure your WordPress blog

Luckily, updating WordPress is not rocket science. There is an in-built provision which will notify admins as soon as an update is available. The latest versions of WordPress come with background automatic update which spares all effort from your part.

As for plugins, check if they provide facility for auto updates. Plugins like Yoast SEO come with a 'turn on' 'turn off' feature that makes updating the plugins a smooth affair. You don't have to meddle with updating each plugin individually each time.

How to secure your WordPress blog

Keep your version details private

By default, most WordPress websites show the version that it is running. Contrary to common knowledge, this can be used by hackers to break into your website.

The ideal thing to do is to stop letting the world know the version number you are running on. Secondly, delete the readme.html from the WordPress installation directory which also reveals the WordPress version of your website.

In case if you are using any WordPress themes of plugins that also exhibit your version number, you need to disable that too.

Backup blog regularly

Although extremely rare, it is quite possible that data can be lost while updating to a new version or while removing an extension. To avoid such calamities from rocking your blog's existence, the ideal thing to do is to take regular backups.

Backups ensure that you have an entire copy of the blog's content to restore if something goes wrong. Make it a point to backup database and files to restore the blog to previous form. There are also plugins like BackWup which take backups automatically and sends the backup files as an email to your preset mail id.

Opt for encryption

HTTPS encryption is proven to be the best way secure any blog and WordPress platform is no exception to it. In fact, WordPress has even made HTTPS encryption mandatory for all WordPress websites from 2017. This means you must mandatorily configure your website with SSL certificate. It will not only secure your website from infiltration but also breed trust in the minds of users.

To Wrap it up

WordPress blog security does not happen very easily. Unless you enlighten yourself how to set the right security parameters that will thwart suspicious logins and hack-in attempts, things can go wrong terribly.

With these WordPress security tips, your blog will remain at mint condition safe and secure from the hacker's reach.

You may also like -

You Might Also Like :

Back to Featured Articles on Logo Paperblog

These articles might interest you :

  • Schindler’s Lift

    Schindler’s Lift

    Following a boozy afternoon on the tiles, I had no memory of making it back to our hotel in East London. This is despite staggering from Soho to Piccadilly... Read more

    7 hours, 40 minutes ago by   Jackscott
  • Electric Universe - Yamnaya People - proto-Saturnian-split Date?

    Electric Universe Yamnaya People proto-Saturnian-split Date?

    THERE WERE GIANTS IN THOSE DAYS:yes, this looks like Free Planet taking the Bible as a Historical Document...The Electric Universe concept (ameliorated by... Read more

    7 hours, 51 minutes ago by   Freeplanet
  • A Ripple Conversation With Gregg Emley Of Holy Grove

    Ripple Conversation With Gregg Emley Holy Grove

    When I was a kid, growing up in a house with Cat Stevens, Neil Diamond, and Simon and Garfunkel, the first time I ever heard Kiss's "Detroit Rock City," it was... Read more

    10 hours, 10 minutes ago by   Ripplemusic
  • Freshening Up For Spring Tips

    Freshening Spring Tips

    Check out our Workshop Tip Videos on You Tube. If you can't attend the new Bridget Beari Home Store workshops then I'll be doing some quick video wrap ups of... Read more

    11 hours, 43 minutes ago by   Bridgetbeari
  • Brown Sugar Cream Pie

    Brown Sugar Cream

    I have always found the chemistry of cooking fascinating. The process of combining together a few (or sometimes many) ingredients, which on their own are not al... Read more

    13 hours, 40 minutes ago by   Mariealicerayner
  • Wildland Firefighter & Firefighter Reserve – Pechanga Fire Dept. (CA)

    Wildland Firefighter Reserve Pechanga Fire Dept. (CA)

    Pechanga Fire Dept. (CA)  WILDLAND FIREFIGHTER FIREFIGHTER RESERVE Wildland Firefighter: $19.00 hourly The PFD has the responsibility of protecting the... Read more

    13 hours, 59 minutes ago by   Firecareers
  • LeToya Luckett Gives Advice To Single Ladies “Give It To God”

    LeToya Luckett Gives Advice Single Ladies “Give God”

    Our girl, LeToya Luckett, who married Tommicus Walker last December, shared some words of wisdom for single ladies with Sister Circle co-host and... Read more

    15 hours, 37 minutes ago by   Firstladyb