Web Marketing: How to Keep Your WordPress Website Secure - dummies

Web Marketing: How to Keep Your WordPress Website Secure

By John Arnold, Michael Becker, Marty Dickinson, Ian Lurie, Elizabeth Marsten

If you use WordPress for your web marketing, you should be aware that any web-based application that sports a URL to visit and an administration username and password to enter is inviting to potential hackers and thieves. WordPress is no exception.

Fortunately, multiple levels exist for which you can secure your WordPress website. The process of securing your website from the outside world is called hardening WordPress. Here’s what you can do to harden your website:

  • Change your username from Admin. After you’ve logged in to your WordPress account, on the Users tab, change the default of Admin to something else. Most hackers know the Admin username and can easily break in to your website.

  • Use a strong password. Use at least one uppercase letter, lowercase letters, and a symbol or two.

    Use free password-management software, such as KeePass, to keep track of all your passwords.

  • Install these security plug-ins:

    • Login LockDown: Restricts the number of times a person (or automated script) can attempt to log in to your admin page within a certain time period.

    • WordPress Firewall 2: Blocks suspicious requests being made to your server, website files, or plug-ins.

    • WP Security Scan: Scans your entire WordPress installation, looking for bugs, worm holes, or other opportunities for the bad boys to get in.