Page 1 of 2 12 LastLast
Results 1 to 15 of 24

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Registered User ZNetLive's Avatar
    Join Date
    Jan 2015
    Location
    D-10/52, Opp. Chitrakoot Stadium, Chitrakoot, Vaishali Nagar, Jaipur-21 (India)
    Posts
    40

    How to Secure Your WordPress Site?

    WordPress is the best Platform for creating websites. Just as you consider aspects like designing, developing or hosting your website, you should consider the security of your WordPress website.

    Here are two of the most important issues surrounding WordPress security.

    Webserver Security

    Securing your server is most fundamental to securing your WP site. A secure server maintains the privacy and integrity of your data. A server running WordPress along with its software can have vulnerabilities, and thus, it needs to be ensured that your webserver and the software on it, are running on the latest and secure version.

    Database Security

    Database security is also a big concern if many blogs are being run on a single server. The best strategy to keep them safe and secure is to keep each of them in a different database with a different admin managing each blog. This can be done best in the beginning of WordPress installation.
    This helps in genuinely securing your WP blogs. Even if a hacker is able to access a blog, he will not be able to crack all of them.
    In the administration of MySQL database, make sure that it is properly configured and all unnecessary features are disabled, like accepting remote TCP connections.

    Also, limit MySQL user privileges, as a MySQL database user requires only data read and write permissions for regular WordPress operations, like publishing blogs, posting comments, etc.

    Thus permissions related to database administration and structure, like GRANT, ALTER and DROP can be repealed.

    Source: Important Tips to Secure Your WordPress Site

  2. #2
    Registered User
    Join Date
    Feb 2015
    Posts
    81
    Nice to know about the information for security of a WP site.

  3. #3
    Junior Member
    Join Date
    Mar 2015
    Location
    UK
    Posts
    17
    Another way to secure wordpress is installation of iThemes Security plugin... changing login area url ..... changing admin user id etc etc ....
    HostBrink - Reliable & Rock Solid Hosting (24 x 7)
    VPS Servers - (US OVZ | NL KVM | SG KVM)
    Dedicated Servers - (USA | Poland | Netherland | Ukraine)
    Shared Hosting - DDOS Protected Lightning Fast
    Payment Methods - Paypal, Webmoney, Bitcoin, Skrill

  4. #4
    Junior Member
    Join Date
    Feb 2015
    Location
    mohali
    Posts
    22
    Good one! Today WordPress is the most widely used CMS (Content Management System) and a highly popular open source blogging tool based on PHP and MySQL. The chief reason for the growing popularity of WordPress is its high usability and versatility. I, few days back, published an article over this subject see here: http://www.bagful.net/hosting-blogs/...e-from-hacking

  5. #5
    Registered User
    Join Date
    Mar 2015
    Posts
    17
    This is really very useful information. Thanks for sharing.

  6. #6
    Registered User
    Join Date
    Feb 2015
    Location
    India
    Posts
    46
    You can also secure your website by using plugins like Login lockdown. It helps you to limit the login trials. So that it will ban if someone tries to hack your website. There are lots of plugins like this. You can find the most important plugins for your website by consulting a highly experienced team of a Wordpress development company.

  7. #7
    Registered User
    Join Date
    Jun 2015
    Posts
    1
    hello friends,
    please tell me how to secure your word press site. this information is useful but it's not secure plz tell how to secure. thanks..

  8. #8
    Registered User
    Join Date
    May 2015
    Posts
    35
    The only thing you need to do is Keep your WordPress site and plugins up-to-date.

  9. #9
    Senior Member
    Join Date
    Jan 2015
    Location
    Iowa
    Posts
    122
    Yeah well said, It is important to restrict the access to your WordPress admin area only to people that actually need access to it. If your site does not support registration or front-end content creation, your visitors should not be able to access your /wp-admin/ folder or the wp-login.php file. The best you can do is to get our home IP address (you can use a site like whatismyip.com for that) and add these lines to the .htaccess file in your WordPress admin folder replacing xx.xxx.xxx.xxx with your IP address.

  10. #10
    Junior Member
    Join Date
    Mar 2015
    Location
    Colombia
    Posts
    3
    I liked this part, thank you for information
    Database Security
    Database security is also a big concern if many blogs are being run on a single server. The best strategy to keep them safe and secure is to keep each of them in a different database with a different admin managing each blog. This can be done best in the beginning of WordPress installation.
    This helps in genuinely securing your WP blogs. Even if a hacker is able to access a blog, he will not be able to crack all of them.
    In the administration of MySQL database, make sure that it is properly configured and all unnecessary features are disabled, like accepting remote TCP connections.

  11. #11
    Registered User
    Join Date
    Jun 2015
    Location
    28th Floor -The Gherkin,London EC3A 8BF
    Posts
    45
    Here are 10 things you can do to improve your WordPress security.
    1. Use secure hosting
    2. Update all the things
    3. Strengthen up those passwords
    4. Never use “admin” as your username
    5. Hide your username from the author archive URL
    6. Limit Login Attempts
    7. Disable file editing via the dashboard
    8. Try to avoid free themes
    9. Keep a backup
    10. Use security plugins

  12. #12
    Senior Member
    Join Date
    Jun 2015
    Posts
    192
    The best way to secure the wordpress site is to keep the plugins upto date, protect the admin area, not to use the admin passwords for other websites and also to keep a strong password which can not be easily cracked by other attackers and also to keep changing the passwords, consider more authentication process.

  13. #13
    Registered User
    Join Date
    Apr 2017
    Location
    Hamburg
    Posts
    743
    Keep plugins and themes up-to-date. Just as you update the WordPress Core regularly, you should also update plugins and themes. Each plugin and theme installed on your site is like a backdoor into your site’s admin. Unless properly secured (vetted thoroughly, updated regularly, etc), plugins and themes are like an open door to your personal info.

    Delete any plugins or themes you’re not using. Along the same line of thinking as what’s listed above, getting rid of any plugins or themes you don’t need will reduce the likelihood of being hacked. If you’re not using them, you’re not going to want to update them, so it’s a much better idea to delete them. Read: Deactivating plugins isn’t enough; you must actually click “Delete.”

  14. #14
    Registered User smugsta's Avatar
    Join Date
    Jul 2020
    Location
    India
    Posts
    7
    Even after deleting some plugins leave the folder behind and some edit htaccess. In this case shall be delete them by ourself or shall not be touched?
    The only true wisdom is in knowing you know nothing
    Sanjay Joshi
    Creative caricature designer | Buy and sell signal software developer

  15. #15
    Senior Member
    Join Date
    Jan 2018
    Location
    India
    Posts
    482
    1. Keep WordPress updated. It's easy now that it auto-updates the core. However, keep all plugins updated as well.

    2. Reduce the number of plugins used to an absolute minimum. Over the past year millions of WordPress sites have been infected due to a plugin. One day it was safe, the next day it was used as the point of entry to millions of WordPress sites.

    3. Keep your local computer virus free. Hackers know there are somewhere around 100 million WordPress sites. They know that when they infect a computer there's a good chance that computer is used to login to a WordPress website. Their viruses wait for you to login and they steal the login URL, the username and password and send it to the hacker's servers. We see this in about 17% of the websites we remove malware from. It doesn't matter if you're on a Mac or PC, run some anti-virus and have it do full system scans everyday.

    4. Delete themes and plugins you're not using. Just because you're not using them doesn't mean the hackers won't.

    5. Create separate FTP accounts for anyone who needs FTP access to your account. That way, if they have a virus that's used to steal the FTP login credentials, you'll see their user account in the log files.

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

  Find Web Hosting      
  Shared Web Hosting UNIX & Linux Web Hosting Windows Web Hosting Adult Web Hosting
  ASP ASP.NET Web Hosting Reseller Web Hosting VPS Web Hosting Managed Web Hosting
  Cloud Web Hosting Dedicated Server E-commerce Web Hosting Cheap Web Hosting


Premium Partners:


Visit forums.thewebhostbiz.com: to discuss the web hosting business, buy and sell websites and domain names, and discuss current web hosting tools and software.