WordPress Security
Ranked #202,227 in Computers & Electronics, #3,160,068 overall
3 Steps to Protect Your WordPress Admin
Hackers often use brute force attacks to try to gain access to your WordPress administrator. What this does is try thousands of different username/password combinations until they find the right one. WordPress doesn't allow you to choose the default admin username so they already know half of what they need. You can, however, easily add the extra security you need.
#1: Change your admin username
The first step you should take is changing your admin username. First login to your control panel (often cPanel) and go to your database editor (normally phpMyAdmin), then select the WordPress database and browse to the wp_users table. The original user is user id 1, so edit that entry. Pick a username other than "admin". This step is the single biggest in protecting your site. Most attempts will only try "admin" for the username since most people don't bother changing it.
#2: You need a better password
Now you'll need to have an admin password that is difficult to guess. A good password is at least 8 characters (12 is better) and is a mix of all kinds of characters. If you would like a secure password generator you can find one at PCTools.
#3: Installation of Login LockDown
With Login LockDown you can set a threshold for the number of failed login attempts before a malicious user is blocked. From their WordPress plugin directory description:
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
The installation process for Login LockDown is like any plugin. Go to the WordPress plugin directory and download the .zip installer. Go to your WordPress admin dashboard and navigate to Plugins > New > Upload. After you upload the file you'll want to activate the plugin. After that you can setup your custom rules.
These few, easy steps will exponentially increase the security of your Joomla installation. You will also need a secure WordPress hosting company.
#1: Change your admin username
The first step you should take is changing your admin username. First login to your control panel (often cPanel) and go to your database editor (normally phpMyAdmin), then select the WordPress database and browse to the wp_users table. The original user is user id 1, so edit that entry. Pick a username other than "admin". This step is the single biggest in protecting your site. Most attempts will only try "admin" for the username since most people don't bother changing it.
#2: You need a better password
Now you'll need to have an admin password that is difficult to guess. A good password is at least 8 characters (12 is better) and is a mix of all kinds of characters. If you would like a secure password generator you can find one at PCTools.
#3: Installation of Login LockDown
With Login LockDown you can set a threshold for the number of failed login attempts before a malicious user is blocked. From their WordPress plugin directory description:
Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.
The installation process for Login LockDown is like any plugin. Go to the WordPress plugin directory and download the .zip installer. Go to your WordPress admin dashboard and navigate to Plugins > New > Upload. After you upload the file you'll want to activate the plugin. After that you can setup your custom rules.
These few, easy steps will exponentially increase the security of your Joomla installation. You will also need a secure WordPress hosting company.
Improve your WordPress security in under 1 minute
There is a wonderful WordPress plugin named WP Security Scan that automatically checks for several potential security problems on your WordPress installation. It will automatically fix some, and tell you how to fix others. After you install there will be a new link in the admin sidebar called Security. Click that and you'll get your recommendations.
Right now WP Security Scan covers:
-passwords
-file permissions
-database security
-version hiding
-WordPress admin protection/security
Future releases will also address:
*one-click change file/folder permissions
*test for XSS vulnerabilities
*intrusion detection/prevention
*lock out/log incorrect login attempts
*user enumeration protection
*.htaccess verification
*doc links
by claybutler6785
claybutler6785
Hello world. This is my bio. I can edit it later!
- 0 featured lenses
- Winner of 2 trophies!
- Top lens »
Feeling creative?
Create a Lens!
Explore related pages
- Wordpress Kurulumu icin Hosting ve Domain Wordpress Kurulumu icin Hosting ve Domain
- The Best Web Host Ever The Best Web Host Ever
- Web Hosting FAQ Web Hosting FAQ
- WP Web Host Review 2012 WP Web Host Review 2012
- VodaHost Web Hosting VodaHost Web Hosting
- DreamHost - the best web hosting DreamHost - the best web hosting
