WordPress security tips and tricks
Having a secure website is the desire of all bloggers. Because one of the factors in the survival of a website depends on the security level.
One of the CMS used to create a website is WordPress. Well, what would happen if our WordPress website is not secure? It could be our data content or online store will be lost easily. And it makes us really harmed.
How to make WordPress secure? Here are the WordPress security tips and tricks.
1. Update your WordPress version.
WordPress developers continue to improve themselves by providing the latest updates to the current version of WordPress. And that should be done by us as a WordPress user is doing regular updates to the latest version of WordPress we used. Where the latest version is an improved version of the previous one, both in terms of security features and script.
2. Do not use the “admin” username for administrator.
This is one that is often the cause of the hackers can easily break into our data security defense. Because we are lazy to replace the username “admin” to be more secure. It’s good to use the username and password that is difficult for others to guess. Do not use a username that is easy to recognize and predicted by others, even another user.
3. Use a strong password.
In addition to replacing the default username or easily guessed, we are also advised to create a very strong password. The strong password doesn’t only consist of letters or numbers, but combine letters, numbers and punctuation marks as strong password. And make sure you keep a record, so it’s easier to login to your WordPress. Many people underestimate the WordPress password change, but it could be a loophole for hackers to login and steal our data.
4. Rename the core engine WordPress directory.
If you are using WordPress, then the directory core engine is WP-Content Directory. Because of this there is the core of WordPress files. To change this, we can use the plugin to rename the directory core engine. But it’s worth before making changes, we make a backup first.
5. Remove unnecessary plugins.
The plugin does help us to optimize WordPress, but the plugin is not required, but we use too, can be bad for our website. Ranging from slow access to the burst our WordPress data security defenses.
We can begin to choose which plugins that are needed and which are not so necessary, to immediately deactivate. But if it is not needed, it is better if we remove it.
6. Change the database table prefix
One that we can do to maintain the security of WordPress is by changing the prefix table in the database.
WordPress itself already has a default prefix used by almost all WordPress users. This can be exploited by hackers to attack the WordPress database.
7. Perform regular backups
Backup is essential to secure the website data. Backup helps us anticipate the unexpected data loss due to viruses or hackers. Backup is part of a disaster recovery plan (DRP), the plan is carried out when a disaster occurs to restore the existing conditions.
Backups can be done on a regular basis either automatically or manually.
8. Changing the admin URL
The admin page is a page that is very sensitive for WordPress users. By knowing what is in the admin page, it is increasingly easy for hackers to get in and find the weaknesses of our WordPress. We can change the name of the URL of the admin page.
9. Detect changes to the files directory
If You want to protect more data on WordPress, try to do some checking on routine file directory. Because it can only file directory, we have a file that is strange. And no one thought that it was also likely to be a loophole for hackers to steal data on our website.
10. Check each Access for Page Error (404 error)
Have you made a mistake login and redirect to a page like 404 Error Page? You know how many people are trying to get into the defense WordPress via this page? This page is actually also easily attacked by hackers. And from here we can begin to distinguish which pages are correct Page Error due to manipulation or not.
11. Limit login attempts.
Every one of us who will be logging on, should be limited. Because it cannot guarantee that hackers will attempt to login many times. And if we have a login page that is already known by the attacker, then they will continue to try to login without limit (unlimited), and your website has been easy to be vandalized. We can begin to limit the number of login to each user that is on our website. And when we find people who login to the amount of normal limits, we can immediately block them automatically.
12. Using special WordPress hosting services.
Thank you very much for reading Wordpress security tips and tricks, hopefully useful.