HTML tutorial русский HTML tutorial english HTML tutorial عربي
0 0
Read Time:4 Minute, 24 Second

wordpress are famous php script and the most used script in the world here is some ways to protect wordpress website , after you install and run wordpress and end your theme design you need to do more steps to make it more secure we will use some plugins and other ways will be explained in this article

the first thing you need to do is to install ithemes security plugin 

iThemes Security (formerly Better WP Security) gives you over 30+ ways to secure and protect your WordPress site. On average, 30,000 new websites are hacked each day. WordPress sites can be an easy target for attacks because of plugin vulnerabilities, weak passwords and obsolete software.

its a pro and free plugin but the free one have so many great features as you can see we will explained all , after you install the plugin go ahead to the setting of the plugin you will have these page

 

go ahead and run SECURITY CHECK and follow easy steps after the Security Check eanble all the free features which is

404 Detection : if an attacker snooping and searching on your website for pages to exploit , the plugin will ban him

Banned users : you can block speciffic ip adress and users from accessing the website

Database Backups : good option to make secure backups

file Change detection : this feature is important and monitor the site for unexpected file changes which it mostly attackers trying to upload backdoors

file permissions : good way to give the files and the directories the right permissions

local brute force protection : also a very important feature protect your site against attackers that try to randomly guess login details to your website

ssl and system tweaks and wordpress tweaks : also important features you must enable

in the advanced tab in the settings there is  more advanced features

 

this is so important features but its little advanced and you should be careful and take a back up to your site before you change any thing

the admin user : this will remove the user with iD 1 and username admin from the database to make it more secure and hard to guess

change content directory : its another advanced option to hide wordpress directions like wp-content wp-include its hard to do that , and if you want to do that , do it after your install wordpress if you already designed a theme and you apply it , your theme will be damaged and you should make allot of advanced steps to do it

change database table prefix : usual database prefix is wp for example a user table will be wp_users and that for all wordpress sites , for attacker they know that all wordpress website use the same prefix  so this option add random prefix for example wp_users will be EDv_users go ahead and apply it

hide back end : great and important feature you should apply it , its main feautre to protect wordpress site we have full article about it here 

server config and wp-config rules : advanced and sensitive to do it by your self if you familiar with server and wp_config.php file you can simple add the codes to the file but be careful

and these is the list of pro features

Pro Features:

  • Two-Factor Authentication – Use a mobile app such as Google Authenticator or Authy to generate a code or have a generated code emailed to you.
  • WordPress Salts & Security Keys – The iThemes Security plugin makes updating your WordPress keys and salts easy.
  • Malware Scan Scheduling – Have your site scanned for malware automatically each day. If an issue is found, an email is sent with the details.
  • Password Security – Generate strong passwords right from your profile screen.
  • Password Expiration – Set a maximum password age and force users to choose a new password. You can also force all users to choose a new password immediately (if needed).
  • Google reCAPTCHA – Protect your site against spammers.
  • User Action Logging – Track when users edit content, login or logout.
  • Import/Export Settings – Saves time setting up multiple WordPress sites.
  • Dashboard Widget – Manage important tasks such as user banning and system scans right from the WordPress dashboard.
  • Online File Comparison – When a file change is detected it will scan the origin of the files to determine if the change was malicious or not. Currently works only in WordPress core but plugins and themes are coming.
  • Temporary Privilege Escalation – give a contractor or someone else temporary admin or editor access to your site that will automatically reset itself.
  • wp-cli Integration – Manage your site’s security from the command line.

important thing if you use theme code editor in wordpress after installing the plugin , that section will disappear because the plugin did that most time attackers use it to edit directly to wordpress code by adding backdoor php code and that  will cause the hacking of website , so after you finish your theme editing install the plugin

another thing to do

always update : update are so important for both the wordpress script and the plugins , updates help you to protect wordpress site , updates came with bug fix and exploit fix so its important to update and check updates daily or turn the auto update

we will talk more about advanced security for WordPress

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%

One thought on “super ways to protect wordpress website

Leave a Reply

Your email address will not be published. Required fields are marked *

Close