Seeing the boom in the Internet world has magnetised a whole bunch of people
who wish to make their presence in the world of web. Everyday lot many
people enter the world of blogging world or decide to get their websites.
WordPress, we all is one of the most liked CMS for miscellaneous good reasons.
The cool features and the ease it provides makes it a pick worth it.Well, deciding on getting a website and running it is not as simple as it sounds to be. There are many obstacles that come in the way thereby making your efforts go down the drain. Hacking for example can be quite shocking. Every now and then we get to hear the news about celebrity websites getting hacked and as its a normal human tendency that we don’t even for once think of the fact that it can happen to us one day. I am not at all asking you to think negative and keep worrying but then it is always good to hope for the best but be prepared for the worst. I am almost about to use the cliche sounding line which is that precaution is better than cure.
Don't worry I'm here to help you and if you haven't
installed WordPress yet so lets first secure it from the very beginning of the
installation you can continue reading here for this. This tutorial ill teach
you how you can install WordPress from scratch with security. If you've already
installed WordPress I advice you to change the Database prefixes, by default it
is wp change it to whatever you want.
1. Secured WordPress Plugins!
Yes , actually just simply search the Google for WordPress exploits and you'll be amazed that there are a lot of exploits for WordPress that core file is well-secured but plugins not. Hackers exploits the plugin and than you got owned by hackers so before using plugins 1st check that they are secured or vulnerable or look for their patches!
2.
Strong Password
As explained above there are many
ways a malicious user can get into your website and Brute forcing is one of
them and very common. It's better to have a very strong password not one that
is very hard to remember. Make it at least 9 characters long mixed with
uppercase,lowercase,symbols and numbers. Brute forcers work with password list
so make it unique also and it's very easy to make strong passwords.
3.
Limit Login Attempts
I love this thing :p as I told you
above about Brute force method, they will just enter random password until the
correct password guess so in this case we can use plugins to make login form
secured. Use to plugins to put Captcha and Login tries, what it will do is
brute forcers can't enter captcha and after few failed login attempts user will
be locked out from logging in again.
4.
Change Default Login URL
By default, WordPress Admin login
URL is wp-admin and everyone can access it and if someone manages to crack your
password then he knows what to do next :p In that case, we can change the URL
to whatever we want and trick them. You don't have to do this manually because
there some paid and free plugins for this job.
5. Remove Login Error Message
By doing this you can easily prevent Username Disclosure Vulnerability. what actually happen is when someone enters a wrong username and tries to log in, form will come up with an error message saying Wrong username and this thing can help him identify the correct username and on a correct username it will come up with “The password you entered for “username” is wrong”. Navigate to => Appearance => Editor and open functions.php file and add this code:
6. Hide your WordPress
version. From your theme’s folder, open “header.php“, search for the line…
1
2
3
|
<meta name=”generator” content=”WordPress
” />
|
…and delete it. It has no useful
purpose.
7. Ensure WordPress Database Errors
Are Turned Off. In recent WordPress versions, they are turned off by default.
So upgrade.
It’s bloody expensive to fix a site that’s been hacked!
So what else can you do?relax and let me do all the mentioned above for you at just $5 yes i mean $5. just click on the URL below and i will do all these things. act fast before the promo ends
https://www.fiverr.com/juliusblog123/make-your-wordpress-website-secure-and-hack-proof
No comments:
Post a Comment