4 Tips To Improve WordPress Security In Less Than 1 Hour

Stopping Hackers

WordPress is a fantastic web development tool for small business owners. But even with its big list of possibilities and small price tag, there are a few quirks you need to know about.

WordPress is open source software. The code is easily accessible, so anyone can modify it for improvements. Other popular open source programs include Mozilla Firefox, the Android operating system, and the Blender 3D rendering software.

As with all things awesome, there’s that tiny percent of people who want to leverage it for the greater evil and other lowdown dirty purposes. Since WordPress code is on an open source platform, everyone is granted access to its code, even hackers. With the code in hand, they’re then able to find vulnerable areas in its security and exploit them.

But don’t let hackers scare you from using such an incredible business tool. Here’s a list of 4 easy things you can do TODAY to improve your WordPress security.

Powerful Passwords

Here is a list of password DON’Ts:

  • Pet’s Name
  • “Password” Or “Secret”
  • Any Word From The Dictionary

Hackers can use programs that will try all the words in the dictionary until they gain access. Instead of choosing a password picked strictly for memory’s sake, choose one that is a random string of uppercase and lowercase letters and numbers.

Username Switcheroo

Everyone who sets up a WordPress account starts out with the default username of “admin”, and hackers know this! The purpose of having a username AND password is to have two lines of defense against jerks who want access to your data. But by using the ridiculously common default username “admin”, you only have password security to fall back on. So make life easy for yourself and change your username to something more unique.

Possible Plugins

There are tons of WordPress security plugins out there. Here are two that simply track login attempts and lock out possible hackers.

Limit Login Attempts

  • Customizable limit of login retries
  • Alerts admin about retries and lockouts

Login LockDown

  • Customizable lockout time after failed login attempts
  • Keeps track of failed attempts by IP address
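The mechanism both plugins describe (count failed logins per IP address, lock the address out for a set time once a retry limit is hit, and alert the admin) can be sketched as follows. This is an added example, not code from either plugin; the class, function and parameter names are hypothetical, and the sample events use constructed documentation-range IP addresses.

```python
from collections import defaultdict


class LoginThrottle:
    """Per-IP failed-login tracking with a temporary lockout (illustrative names)."""
    def __init__(self, max_retries=4, lockout_seconds=1200, window_seconds=600):
        self.max_retries = max_retries          # failures allowed inside the window
        self.lockout_seconds = lockout_seconds  # how long a locked-out IP stays blocked
        self.window_seconds = window_seconds    # failures older than this are forgotten
        self.failures = defaultdict(list)       # ip -> timestamps of recent failures
        self.locked_until = {}                  # ip -> time the lockout expires
        self.alerts = []                        # stand-in for the e-mail to the admin

    def is_locked(self, ip, now):
        until = self.locked_until.get(ip)
        if until is not None and now >= until:
            del self.locked_until[ip]           # lockout expired
            return False
        return until is not None

    def record_attempt(self, ip, success, now):
        """Return True if the attempt may be processed, False if the IP is locked out."""
        if self.is_locked(ip, now):
            return False                        # rejected before the password is checked
        if success:
            self.failures.pop(ip, None)         # a good login clears the counter
            return True
        recent = [t for t in self.failures[ip] if now - t < self.window_seconds]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) >= self.max_retries:     # retry limit reached: start the lockout
            self.locked_until[ip] = now + self.lockout_seconds
            self.failures.pop(ip, None)
            self.alerts.append((ip, now))       # tell the admin about the lockout
        return True


def replay(events, throttle):
    """Feed (time, ip, success) tuples through the throttle; return each decision."""
    return [throttle.record_attempt(ip, ok, t) for t, ip, ok in events]


# Constructed sample: 203.0.113.7 keeps guessing, 198.51.100.20 is a normal user.
SAMPLE_EVENTS = [
    (0, "203.0.113.7", False), (5, "203.0.113.7", False),
    (9, "198.51.100.20", True), (12, "203.0.113.7", False),
    (20, "203.0.113.7", True),   # correct password, but the IP is already locked out
    (80, "203.0.113.7", True),   # the 60-second lockout used in the replay has expired
]
```

Replaying `SAMPLE_EVENTS` with `LoginThrottle(max_retries=3, lockout_seconds=60)` shows the point of the lockout: once the limit is hit, even a correct guess from that address is refused until the lockout time has passed.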

Don’t Forget The Updates

As we talked about in a previous episode of Office Hours, WordPress updates its software fairly frequently for various reasons. But if you browse through the update documentation and find that WordPress is being updated for security reasons, you should absolutely positively run the update. This means there is a known security issue which you can avoid with just a couple clicks.

Long Story Short

WordPress security is funny; it’s a lot like sunscreen. You may ignore the possibility of skin damage or just think you don’t need it. That is, until you find yourself seriously burned and only have yourself to blame for not taking preventative measures.

This is only layer 1 of the bean dip! A little doggie told me that Black Dog Education will be releasing an ebook covering even more in-depth information on improving WordPress security. Be sure to sign up for our newsletter to be alerted when the ebook is released.