3 Easy Steps To Make Your WordPress Site More Secure

WordPress is used by literally millions of people around the globe, powering an ever increasing variety of websites and blogs. There is however a dark side to this popularity. It seems that more and more users are being targeted by hackers.

One of the more recent issues concerns what experts refer to as “brute force” attacks. Put simply, this is where un-authorised people try to gain access to a WordPress site. These hackers try to take advantage of some of the common mistakes that are made by WordPress beginners.

If you are concerned about the security of your own site then this blog post is definitely for you. Here we will be taking a closer look at 3 ways that you can beef things up keep unwanted intruders at bay.

1. Remove Generic Username

When you first get your shiny new WordPress site up and running it will normally feature a single standard logon. However, this is where one of the largest issues lies.

It is vital that you take a moment to delete this “admin” user as it leaves your site wide open to brute force activity. Other user names that should be avoided include:

  • Administrator
  • Test
  • Root
  • “your sitename”

Thankfully the removal process is very easy to complete and can be done so from the interface end of your WordPress account. Firstly you should set up a new user with administrator privileges. As above, choose something that doesn’t appear to be generic.

One this is done you can then set about deleting the old “admin” user. Don’t worry if you already have a few live posts on the system by this user. WordPress will give you the option to re-assign (attribute) these posts to another person. Be careful to choose this option rather than the “Delete all posts” option.

2. Use a Strong Password

During the process of setting up a new user you will be asked to choose a new password. For whatever reason, WordPress only insist in it being a minimum of 7 characters.

If you are serious about your sites security then you will certainly want to make it longer than this. Additionally don’t be shy about using some of the special characters to help beef things up further. In fact a good WordPress password should consist of some or indeed all of the following:

  • A mix of upper and lower case letters
  • Numbers
  • Special symbols

So even with the above in mind you should be able to create a secure, but memorable password for your new “admin” user.

Again, keeping away from bog standard things like “password1” can only help to make your site more secure. Just by adopting the approach discussed above you should be able to come up with alternative’s like “Pa$SW0rd1!”. From a login point of view there is a world of difference between these two passwords.

Once you are satisfied with your new choice of password then you will need to enter it again to make sure it’s correct. Only then can you successfully click the “add new user” button to confirm the set up.

3. Keep Things Backed-Up

Spending time to ensure your site is harder to access is great; however, you should also plan for the worst.

Even with a secure logon there are still risks that hackers pose. So in the event of your site coming under attack you will want to get things back to normal as quickly as possible. Of course, the very best way of achieving this is to keep reliable back-ups of your data.

This can be achieved in a couple of different ways, largely depending on any budget constraints. If you can afford it then something along the lines of vaultpress could well be the answer.  If you find that you don’t want to shell out any cash then there are still options available. Here,you might want to take a closer look at BackUpWordpress. Either way, it is essential that you have some form of back up available in the event of needing to restore things.

The Wrap-Up

Site security is something that interests the majority of webmasters. The last thing that you should want is for some un-authorised user to gain access to all of your important information, not to mention hard work. If you are serious about keeping intruders locked out then these are some of the basics that you should be considering. You can of course delve deeper into the security aspect with the use of some additional plug-ins; however that could well be the basis of another blog post.

When he is not writing about WordPress security, your author (Charlie Livingston) can be found at http://reswpthemes.com. He strongly recommends all WordPress newbies to take a few moments to strengthen their sites security.

Image Credits: 1.

About The Author