Articles \ Wordpress
June 17, 2013

Internet is a necessity nowadays to most of us and is quite interesting how it plays a vital role of influence to our lives, mirrored somehow in the society. Everyday people surf internet, read news online, publish things, etc. and many of them are even webmasters. But when people doesn`t take necessary precautions to keep their website secure, this becomes a problem, especially if they don’t have an updated backup ready to be used.

Websites built on WordPress, a free and open blogging tool and a content management system, can be vulnerable to different security issues; the truth is that there are hackers out there who break WordPress websites everyday. As internet users, we`re in a continuous search of ways for an easy and hassle free experience. In order to keep WordPress secure here are 9 easy steps you can follow in minutes!

1. Finding a web host that is right for you

This is the most important key in securing your WordPress site. You know how it is; being free or cheap doesn`t mean it`s also good, so keep in mind the quality/price ratio aspect when searching for a webhosts.

2. Updating your WordPress system, themes and plug-ins

These are essential features that allow users to tailor their site to their specific needs; performing regular updates to your site on a daily basis can minimize the risk of having your site exploited; due to outdated versions of WordPress parts. Updates can also add security patches with other improvements making it easier and faster to use.

3. Limit Login Attempts

Bots love to insanely try to login to your WordPress dashboard. Limiting the login attempts is a great way of securing WordPress. There is a plug-in called exactly like above “Limit Login Attempts” and can successfully be used to stop “Brute Force Attacks” through a simple algorithm: the plug-in only allows 3 incorrect login attempts and if all were unsuccessful, the account will become locked for 20 minutes. Cool, isn`t it?

4. Rename/delete “admin” user

If you still own the “admin” WordPress, username, rename it or delete it and create another user that does not have such an obvious username to access your site. Don’t limit yourself and remember to be creative. Latest WordPress versions lets you now create

5. Secure FTP

There are 3 ways to secure FTP: firstly, use SFTP to access your website. This will make it harder for others to see your server files. Secondly, don’t use FTP on public networks and the lat things, create a strong password.

6. Hardened File Permission

Ensure that your system files are not open to casual editing by users and groups who are not eligible to modify them. You can learn more about WordPress file permissions in the WordPress Codex.

7. Back-up, back-up, back-up again!

Don’t risk losing your hard work. Create a fully, periodically back-up of your site.

8. Run a security scan

This way you can determine if your WordPress website has been hacked and also is a good way to prevent unauthorized access.

9. Don’t make your servers look like a kitchen soup

This is happening when a user has their live site on the same server as other websites used for testing and other not very important things. When plug-ins and themes become outdated, the security of the server is compromised making it much more easier for someone to access it.

Following these simple steps is a start in securing a WordPress website and minimizing the vulnerability of this awesome open-source system. I`m sure there are also more tips about how to keep WordPress safe from being hacked and if you know one, I would love to read it and see how well it goes!


Written by

I’m a content writer and most of the topics I write are all about web design and development. I also work for an Orange County WordPress company called Annexcore, in an awesome group of people capable of managing small projects to larger initiatives.