Secure Your WordPress Website Now!
WordPress is one of the most popular open source Content Management Systems (CMS) being used by both business and individuals to publish their blog content. If you’re one of the millions who currently use WordPress then keeping your website secure from attacks is of vital importance. The nature of a blog means that a lot of personal information can be located in them. This makes blogs a prime target for hackers. Here are some simple tips on how you can make your WordPress blogs better protected:
Start with a Strong Password and Unique Username
The simplest way to secure your WordPress website from attack is to create a strong password. Use a combination of numbers, special characters and upper/ lower case letters. Because much of your personal information (birthday, address and school) is already located in your social networking account, refrain from using these in your password. Another good way of checking the strength of your password is by using WordPress’ password checker available on versions 2.5.
WordPress gives you the option of using ADMIN as the default user name. Changing the username makes it twice as difficult for the hackers to gain access to your account. You can change your username at any time by going to your WordPress dashboard and clicking on User. Create a new user account and choose administrator. Sign out from WordPress and use the new user account to log in.
To remove your old user account, click on WordPress dashboard and check the box beside ADMIN and press delete. WordPress will then prompt you to confirm the deletion, choose “Attribute all posts and links to:” and select your new username. This will transfer all administrator privileges and posts to your new account. Press delete to confirm old account deletion.
If you’re working with multiple users on the same blog, you could also define individual privilege. You can limit access to administrator privileges such as WordPress Theme editing or forum support.
Encrypt Your Login
You may have noticed that some of the financial sites like paypal have an https (http secure) as part of their website address. Hyper Text Transfer Protocol Secure or HTTPS simply means that all data is given an extra layer of protection. Unfortunately this is not available for standard WordPress logins. This can be a real danger especially if you’re logging on via a public network. Because your working on an open environment, where many people all use the same connections, hackers can have an easier access to the terminal you’re working on.
A way around this is by installing the <a href=”http://kimwillis.net/wp-content/uploads/2010/11/>Chap” Secure Plugin</a> that adds a random hash and authenticates you with the CHAP protocol.
Protecting Your WordPress Installation
Just like any type of software installation, installing WordPress creates new folders in your computer. Contained in these folders are all your setup files and important personal WordPress information. In the event that any person is able to gain access to your computer’s folders this does not only jeopardize your WordPress installation, but more importantly all the information located within.
Installing software that protects your important folders and directories from easy access gives you another layer of protection.
<a href=http://www.askapache.com/wordpress/htaccess-password-protect.html> AskApache Password Protect </a> secures all important folders prompting users for passwords before displaying content.
Hackers can also use simple information like your WordPress version. Different versions of WordPress are susceptible to certain types of attacks. Withholding simple information like your WordPress version can make it difficult for hackers to plan a specific attack on your website.
The meta-tag does not only include valuable information for search engines but also your WordPress version. To remove this, go to your WordPress dashboard and select Design. Choose Theme Editor and click on the Header file.
Locate this string of codes:
<meta name=”generator” content=”WordPress <?php
bloginfo(’version’); ?>” />
These codes display your WordPress version, so delete this and press Update File to make the changes permanent. For newer versions of WordPress, version 2.6 and above, all it takes is to install <a href=”http://kimwillis.net/wp-content/uploads/2010/11/>” WP-Security Scan plugin </a>.
Just like your Windows operating system, newer versions of WordPress are more secure. Be sure to update your WordPress and plugins to their latest versions.
Backing Up Your WordPress Installation
Some computer viruses, like malware programs, destroy important information located in your computer. The reality is that anti-virus programs are introduced after new viruses are discovered. There is no such thing as a cure all solution for all the viruses out there. Backing up important data, such as your WordPress installation, is a simple solution just in case your computer gets infected.