Hello Guys, I want to share some security tips to secure your WordPress blog. We everyone knows that WordPress is one of the most commonly used blogging platform when compared to other blogging platforms. Most of the newbie bloggers start blogging using free blogging platform called blogger.com which is more secured as it is maintained by Google. But when coming to WordPress Security, Most of the WordPress Blogs are not completely secured which are being hacked by web hackers.
Secure Your WordPress Blog
Here I want to share some security tips to secure your WordPress Blog and also the list of Some Plugins which helps you in securing your blog.
Always Stay Updated
WordPress updates their Codes regularly. It notifies and ask’s you to update your blog from the Admin Dashboard. Most of the WordPress users won’t update their blogs when the update is available. Always update your WordPress blog when ever Updates are available which is must and should. You also need to update your themes and Plugins whenever updates are available. Updating your blog is very important to secure it from hackers. And you also need to hide your version of WordPress.
Use licensed Themes and Plugins :
Most of the Bloggers will use Nulled Themes and Plugins when they start using WordPress because they can’t buy the licensed copies. Nulled Themes or Plugins downloaded from the net contain Malware code which may harm your Blog. So always use licensed or free copies to secure your WordPress Blog. Be careful while installing the Plugins and Themes.
Secure Username and Password :
Most of us will continue the installation of the WordPress with the default username and use admin as a username. If you are using Admin as username then you are at risk. So please delete the admin account and create another account with a more secure name and using a strong password which contains the alphabets, numbers, and also some symbols. Make sure that you changed all your posts and pages to the new account before deleting the admin account.
Protect your Admin Dashboard :
This is the best feature which is provided to secure your directories. By using this feature we can secure our WordPress blog. Password protect your wp-admin folder from c-panel. That means we are adding double security to your admin dashboard. You need to login two times to enter your admin dashboard. We can add Password protect feature to any of our directories in our hosting c-panel.
Limit Login Attempts :
This is also the best way to secure your WordPress blog. You can limit your admin login attempts by using some WordPress Plugins. Some Hackers try logging into your admin dashboard with some username and password. If he fails 3 or more times the IP will be blocked for some time. If you are not using this feature then immediately install the Plugin which is used to limit your Login Attempts. You can also add a specific IP address to access your Admin dashboard.
Install WordPress Security Plugins :
You can protect your WordPress blog by installing WordPress Security Plugins. There are many security Plugins are available in WordPress Plugins Database to secure your WordPress blog. You don’t need to worry to search the Security Plugins, we have searched some Best Security Plugins and listing them below. Just Install them and Secure your from hackers.
Protect your WP-Config.php and .htaccess file :
Protecting WP-Config.php and .htaccess files to secure your blog is very important. Here we are providing the code which you need to paste in your .htaccess file in your server.
Code to protect your wp-config.php file :
<Files wp-config.php>
order allow,deny
deny from all
</Files>
Code to protect your .htaccess file :
<Files .htaccess>
order allow,deny
deny from all
</Files>
Source : Tutsplus.com
Backup Your Blog Regularly :
Taking backup is very important if you are blogging seriously. Some of the hosting companies provide regular backup of your data. Better take manual backup of your data from c-panel or you can also backup your complete blog by using some WordPress Plugins and you can also download files of your complete WordPress blog to your dropbox account. You no need to worry when your blog is hacked because you have already taken backup of your blog.Plugins to Secure Your WordPress Blog
BulletProof Security
BulletProof Security Plugin is Fast and Simple with No Manual Configuration Required. This Plugin helps you in protecting you WordPress blog against RFI, XSS, CSRF, CRLF, Code Injection, Base64 and SQL Injection hacking attempts. This Plugin also Provides One-click .htaccess, wp-config.php, bb-config.php Protection.
This Plugin Will helps you in Monitoring your WordPress installation for added/changed/deleted files. You will receive an Email alert to a specified Mail address when a change is detected. You will also get notified about the changes detected in Administration area in case Email is not received. You can even exclude some files and directories from scan.
Antivirus
This Plugin AntiVirus for WordPress is a very safe and easy tool to protect your WordPress blog against malware, exploits and spam injections. You can Scan your templates and Plugins now! You will get notified virus alerts in administrative area. You can also check database tables and you can also schedule daily scan with Email Notifications.
This Plugin Wordfence Security is a free security plugin that includes a anti-virus, firewall, live traffic including crawlers and scanning malicious URLs. Wordfence Security is the only WordPress security plugin that can verify and repair your Theme, Plugin and Core files, even if you don’t have any backups. This is a Multi-Site compatible plugin where you can scan all your blog posts, comments of all blogs from one admin panel.
The Plugin More Secure Login add double security to your admin dashboard. Here a new field is added to the login page below the password field. You need to enter a new code which is on the MSL Secure Card. This MSL Secure card contains 64 codes, in this each code contains 4 character. If someone wants to login to any of your account, even if he knows the password, he can not use it without the MSL code.
WP-DBManager
The Plugin WP-DBManager helps you to backup database, optimize database, repair database, delete backup database, restore database, run selected queries, and drop/empty tables. This Plugin also supports automatic scheduling of backing up, optimizing, and repairing of database.
WordPress Backup to Dropbox
The Plugin WordPress Backup to Dropbox is created to back up Your WordPress Blog on a regular basis. You just choose a day, time and how often you wish yor backup to be performed and wait for the websites files and a SQL dump of its database to be stored in your Dropbox! The plugin uses OAuth so your Dropbox details will not be stored for the plugin to gain acces