PureNews

PureNews is an amazingly sleek and powerful news theme with unlimited color variations.

View full feature list Check out the live demo Buy this theme today

Five Ways to Keeping WordPress Hack Proof

Posted by on 5th Jun 2012 | 2 comments

As a preferred mode of blogging, WordPress platform has continued to rule the blogging market for the last couple of years. It is, therefore, not surprising to see more than 6 million queries on Google about keeping WordPress blogs safe, implying that hackers have taken a fascination towards this platform.

Below are given five easy ways to keep your WordPress blog/website hack free:

  • Weekly WordPress Backup

It is necessary to take backup of your blog every week and you can do this through the Backup Buddy plugin which will email you all the files once any kind of changes are made in the database, consisting of images, files and other digital media.

  • WordPress Security Scan

This plugin scans the entire WordPress database every week on a scheduled time and check for any malicious codes or vulnerabilities. After scanning, it sends you a report stating whether you have the latest stable WordPress version or not. If not, it will list out the problems as they appear along with instructions to solve them.

You can install both the first and second plugin to make WordPress doubly haack proof.

  • Login Lockdown

Some hackers try to use brute force by trying to login to the WordPress dahboard. However, the Login Lockdown plugin is very important for bloggers to prevent brute force attacks. Once you install the plugin, you can specify the number of attempts an user can make to login to the blog. Once all the predefined attempts expire, the plugin will disable the login function of the site for the user and block the IP address of the user.

The IP address of the user is kept in records for your view. If you want to release the IP, you have to do so manually but I suggest not doing it to prevent another brute force attack.

  • Change Usernames and Password

This is one of the commonest of tricks and the most often overlooked part. It is essential that the admin and all other active contributors to the blog change their username and password every week or two. Refrain from keeping passwords that are easy to break; instead use a mixture of lowercase letters, uppercase letters, symbols and numbers.

Similarly, it is important to differ the username with which posts are published on the blog with the username used to login because same usernames are the first targets of any hacker. You can do this change through Dashboard > Users > Profile > [make changes] > Save.

  • Disallow WordPress Admin Indexing

Indexed WordPress files makes it easier for hackers to break into the system. Sadly, most bloggers don’t know how to do this and thus, they fall prey to malicious attacks. To prevent indexing of the WordPress admin section, you need to create a robots.txt fle in the root directory and insert the code given below:

#

User-agent: *

Disallow: /cgi-bin

Disallow: /wp-admin

Disallow: /wp-includes

Disallow: /wp-content/plugins/

Disallow: /wp-content/cache/

Disallow: /wp-content/themes/

Disallow: */trackback/

Disallow: */feed/

Disallow: /*/feed/rss/$

Disallow: /category/*

Once the code is installed, the search engine spiders won’t index the admin section. If you don’t know how to do this, contact the blog webmaster. The root file can be accessed from the cPanel directory.

Summary

Making a blog hack proof is an important part of WordPress blog/website maintenance. Most of us do not this because we lack in technical knowledge or we are just plain overconfident. Don’t put your hard work in danger. Use the above five methods to protect your WordPress site today.

This guest post was written by Samantha Kingston, who works with Agiliq.com, a django web development company that specializes in the development of android, django and iOS applications for the web.


This post was written by a guest blogger. If you would like to write for BloggingTips.com, please refer to our guest blogging page.

2 comments - Leave a reply
  • Posted by Jojo Colinares on 6th Jun 2012

    Nice post. I’ll use some of them from now on. Not to be able to access my own site was stressful those days. Don’t want that to happen again.

    Thanks!
    Jojo Colinares recently posted..Positive Thinking Affirmations Create A Decent Beginner’s SuccessMy Profile

  • Posted by Nico on 9th Jun 2012

    Interesting list! Since a couple of months I use managed hosting; my blog is monitored all the time! Another interesting (and free!) service is Cloudflare. It combines a CDN and better security for your WordPress blog!