Securing your WordPress-powered blog or website is a must for everyone no matter how safe and secure your server is. I have been a WordPress user for 7 years and in the last 2 years, it was somehow a tough 2 years for my blogs because I have constants site intrusion from hackers by implanting malicious code and changing my index.html occasionally. The hacks were widespread to all my WordPress blogs until I’ve decided to surrender and killed all my site. I even moved from WordPress back to Blogger for my personal blog.
It was really a hard time and now I’ve learned my lesson on securing WordPress blog. If you think that WordPress is well-secured that you are so-wrong. It’s one of the most famous blog platform in the world, the must me many hacker trying to intrude the wall of WordPress, just like Windows has more malicious software than Mac.
If you have just installed WordPress or have been using it (safely, without any sign of intrusion), secure you WordPress blog like how I do now:
- Use a combination of alphabet, numbers and symbols password.
- Use security plugin: Better WP Security, Anti-Malware (Get Off Malicious Scripts).
- Change ‘admin’ username to something else.
- Update all your plugins frequently! (Remove unused plugins)
- Update WordPress whenever a new version release!
- Update your themes! (Remove unused theme)
Having all your WordPress file including themes and plugins updated are very crucial. That was the thing that I did not look into which causes a major security issue into my blog. Plugin and theme are the one that usually got forgotten, so do check you theme file and plugin occasionally.
Good luck and happy blogging (or) working with WordPress.