Welcome Buddy!

Get Started
Hacking & CrackingTips Tricks

WordPress Security that You Must to Know


WordPress is the undisputed CMS with the most widely used, both for the benefit of organizations and individuals. Along with its popularity, more and more also are trying to find the weaknesses of this engine, like a tree higher then the wind will grow louder.

The following tips to increase the security that must be known by you who use WordPress as a Content Management System or platform that is working to set the look, content, user administration, plugins, addons, and similar.

User Administrator / Admin

By default after installing WordPress, then we will get the admin user. Never! using the admin user name publicity, change the admin user with another user, such as your name combined with numbers. Most cases of hijacking user WordPress by using the admin user with the brute force method.
Logically the hacker more difficult to hack your WordPress site because they have to guess the username and password, while if you use the user name admin that displaying in public then hackers just have to attack passwords you use.

Protect wp-admin Folder

The wp-admin folder is also a dangerous hole that is often used by attackers to infiltrate into your website. Secure it! how to secure it? maybe a little more work, but it will not take 5 minutes to do it.
Create a file .htacess that containing the IP settings that restrict who can access this directory, the following setting is:

order deny, allow
deny from all
# Allow my work IP address
allow from

The .htaccess example script above is allowing IP and 124 access the wp-admin folder. Most of us are internet users with a dynamic IP, should we change the IP every time you want to access wp-admin? the answer is Yes. To change this .htaccess you can use SFTP. Or you can use other security methods such as ApachePassword Protect example.

Use SSH instead of SFTP or FTP

The reason is simple because with SFTP data transfers that occur will be encrypted, while FTP is not, in addition to effort and how to use FTP and SFTP are relatively similar.

Make index.html

This simple way is powerful enough to protect a specific folder in order not to browsable. Create index.html files with contents up to you, for example, contains the sentence: directory access is forbidden. Then save it to the plugins folder and other folders. Remember the step by step hacking is to do profiling, by knowing what plugins you use on your website, the hacker will get a lot of information that can be used to find the weaknesses of your website.

1demo banner 468x60

There are many more that must be considered regarding the WordPress security, I will write it on my next post, Look forward to the next tips. Good luck!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Check Also
Subscribe Now
Back to top button

Adblock Detected!

If you enjoy our content, please support our site by disabling your ad blocker or whitelisting us. We use ads to keep our content happy and free.