How to protect WordPress Blog ?

[eUK-Eric]

How to protect WordPress Blog ?

WordPress Hosting is most popular and extensively preferred hosting as well as blogging software all over world. Once your site is getting popular, intruders will always try to break your protection.

So it becomes very essential for you to take necessary steps before your word press blog got hacked/compromised as you all know "Precaution Is Always Better Than Cure.."

Always Update:

WordPress upgrade became easy now. If you are using old version of WordPress, you can use WordPress Automatic Upgrade plugins and update it to the latest version.

Rename wp-admin to any other folder:

You need to replace wp-admin to new-folder-name in few files of wordpress and rename some css files from wp-admin/css/ to new-folder-name.css also wp-admin folder to new-folder-name folder.

Here are few commands to do it.

cd /home/username/public_html (Path wordpress)
find -type f -exec replace 'wp-admin' 'new-folder-name' -- {} \;
cd wp-admin/css
ll | grep wp-admin
mv wp-admin.css new-folder-name.css
mv wp-admin.dev.css new-folder-name.dev.css
mv wp-admin-rtl.css new-folder-name-rtl.css
mv wp-admin-rtl.dev.css new-folder-name.dev.css
cd ../../
mv wp-admin new-folder-name

Now wordpress admin URL should be http:// www. domainname .com/new-folder-name instead of http:// www. domainname .com/wp-admin with same login details.

Protect Admin Profile:

Create a new user and give it administrator privileges. Once you create new administrator level user delete old "Admin" user's profile. By default "Admin user is automatically created by wordpress while installation.

Use Strong Password:

Please setup password using special characters like (&@$^%_#!~#$) etc. It will make difficult for hackers to crack password. Do not use simple words, your names, number sequence, city, bike name, cell numbers etc. You'll find a lot of strong password generator websites on Google. Also keep this password changing at regular intervals as this will be more safe for you to protect your admin interface.

Protect Your wp-admin Folder:

Add .htaccess file in wp-admin folder and block all IPs address except your own IPs of home/workstation.

deny from all
allow from your home IP
allow from your office IP

Backup Regularly:
Take regular backup of your working database and wordpress contents. Unfortunately if it got hacked then, you can easily restore your site from the latest backup you'll have for it.


Delete WordPress Version:
Hackers are smart enough to crack the wordpress blog even if they came to know the wordpress version. so its always safe to remove your wordpress version. Here you go for it..

Go to Appearance > Editor and choose the Header.php file and delete below code from the source code to hide your WordPress version.

<meta name=”generator” content=”WordPress <?php bloginfo(‘version’); ?>” />

That's it. You're done. Now, your wordpress blog is quite secure and safe than others..

[WilliamStell]

My blog was hacked today thanks for this site which helped me to get back access to my blog. Now i will have a very strong password to blog. One more thing I has done is As a matter of fact, wordpress stores all your details including your username and password in plain-text in the wp-config.php file in the directory.

fashion model websites

[Letty Price]

Hello Eric, it seems you have pretty good knowledge about wordpress hosting and support. Can you please show me the steps on how to take backup of the wordpress through PhpMyAdmin?

[sihost]

In php-admin select the database and then go to export, it will download the database.

To backup your whole wordpress site, use backup in cpanel, then ftp to your account and download the backup file.

ERIC, there was some things in your post which we didn;t know, thanks, we use Wordpress alot and will be implementing some of your suggestions to protect our clients

[phoenix65]

Hello Eric, it seems you have pretty good knowledge about wordpress hosting and support. Can you please show me the steps on how to take backup of the wordpress through PhpMyAdmin?

Hi, I happened to find one of the tutorials in Eukhost's knowledgebase, this should help : How to back up WordPress website ?

[sihost]

Exactly as I posted yesterday

Using the cpanel backup rather than manual backup ensures a complete backup of everything in your hosting account, including database, which can be restored to any cpanel host account

[Veronica]

The information gives here will surely help in terms of protecting the Wordpress blog. Apart from that for protecting your Wordpress blog you must also update your plugins as they are developed by third party programmers. It is better to check the plugins profile for reading the comments. It is also very important to take a regular backup.

[JSPwSecure]

Greetings. We are pleased to announce the release of wSecure. wSecure hides your Wordpress admin URL with a special key so that only you can access. The problem with Wordpress is that anyone can tell if your site is Wordpress by simply typing in the default URL to the administration area (i.e. www.yoursite.com/wp-admin). wSecure helps you hide the fact that your website is built with Worpdress from prying eyes.

Check out wSecure in action here: http://wp.joomlaserviceprovider.com

[cranzi]

The Auto update is a nice feature but keep in mind if you are using a custom made template for the theme it can break. This has happened to me twice and while I can not tie anything but the auto update to the issues (it happened on two different themes) I have decided to not use this feature.

[rajyenranjan]

Apart from that for protecting your Wordpress blog you must also update your plugins as they are developed by third party programmers. It is better to check the plugins profile for reading the comments. It is also very important to take a regular backup.
SEO Quote - Bullseye Marketing Ltd | Bullseye Marketing Ltd

[alexispr]

Aside from all this wonderful tips from eUK-Eric, I found this website that might help all of us in protecting our WordPress website - Top 10 Security and Protection Plugins for Wordpress