WordPress Security

In this article I will talk about how to increase WordPress Security.WordPress is one of the largest open source Content Management System on the Internet.It power 25%  of the total Website on the Internet. These Attract Hacker  to hack and plant malicious code due to its popularity.

WordPress Username Remain as Admin.

The WordPress Default username is “Admin”.If you maintain this username ,  hacker can easily hack into your site.So the First Step is to change the Default username.

There Are 2 things you can’t change after you install  WordPress.

1. Username.

2. Password.

Change WordPress Default Username and Password.

Step 1.

Login to your Web Hosting C-Panel.

Step 2

Find  the  PHPMyAdmin dash board.

If you are not sure  where to locate that , check with your Web Host technical support.

Step 3

At  PHP MyAdmin click on wp_users.

Step 4

Change the Login Default Name “Admin ” to a complex name you are able to remember.

Step 5

Navigate back to WordPress admin page and try to login.

Change The WP Prefix.

Leaving WP Prefix unchanged,  open WordPress Site to SQL injection and malicious attack.

In order To Change this there are 3 ways.

1. Manually Change the wp_ , name in the database.
2. Write  SQL Script.
3. Install a Plugin.

Activate the Plugin –> Go to WP Security –> Go to Data Base Secutiy  –> Change the Prefix

– –> Save Settings

 

After you are done , go back to PHPMyAdmin.

The extension name should be changed.

Back Up your WordPress Using PHP MyAdmin

Step 1. –

Login to your Web Hosting C-Panel.

Step 2

Find  PHPMyadmin dash Board , if you are not sure  where to locate you can check with your Web Host technical support.

Step 3

At your PHPMyAdmin  dash board  and click export.

Step-4 –

Export it as SQL Format .

 

 

Back Up your WordPress Using Plugin

Step 1

Go to WordPress Dash Board.

Step 2  

Plugins  –> Add New

Step 3

Install Up-Draft Back Up Plugin .

Step 4

Activate Plugin

Step 5

Go to Updraft Plugin and Click Back Up now.

 

Edit  htaccess file.

htaccess file is a tool which can be modified to protect your WordPress Site from Malicious Access

1. Open Filezilla , login  Web Host ,Username and Password.
2.  Filezilla Click Here
3. Locate the Htaccess File in Root Directory.
4. Right Click on the file select View and Edit.
5. Select ” Use Default Text Editor “.
6. Add the Below Code in htaccess File and save.

Page 404  and Page 301 ( redirect)

Page 404

Page 404 , is a dead page, where it no longer exist. The Page used to exist , but some how the Webmaster have deleted the Page.

When the User Click on the Dead Link, the web host will try to search for the dead page.Eventually the Web Host unable to find the page, it will return 404  Error Web page not Found to the User.

Hacker can use this broken link as an opening , to channel brute force attack. If your site have to many  Page 404 there will be vulnerability.

In order to counter this, when ever there is a Page 404 situation , web master should re-direct it to a new page.

There are few ways to redirect the page.

1. Using Java Script / PHP.
2. Install a Plugin.

 

I think up to this stage i have covered most of the  WordPress Security essential knowledge that you might need to take note. Hopefully this will help you out with your site.