Improving WordPress security

Improving Wordpress security

Below are some important methods and steps to be take to improve WordPress security.

  • Updating plugins and WordPress core to latest versions. Enable automatic updates.
  • Using plugins and themes from known sources.
  • Deleting unused plugins and themes
  • Changing Permission of files from 777 to a more secure one (750 or 755)
  • Change administrator accounts from admin to a more secure one
  • Delete unused users, Update or ask for updation of users on site.
  • Appreciate two factor authentication on users.
  • Limit login attempts on site using plugins.
  • Implement automatic backups.
  • Avoid free or cracked themes and plugins.
  • Hide author usernames. The user who has posted the most content usually be an administrator. Hiding the author names would improve security more.
  • Install audit plugins which can log user login information.
  • Lockout the default login page.
  • Use SSL to encrypt data.
  • Monitor files using security plugins like wordfence.
  • Disallow theme and plugin file editing from wp_config.
  • Disable directory listing.
  • Hide WordPress version number.

Leave a Reply

Your email address will not be published. Required fields are marked *