Good practicesIf the plugins add extra functionality to WordPress, they have the tendency to consume bandwidth resources that may slow down your site and reduce the experience of Internet surfing it. There are some simple manipulation of the files in the server and in the root of WordPress installation.If you use WordPress only 1 or 2 media or desktop computers, you can secure the administration part by modifying the wp-login.php file:<Files wp-login.php>order deny, allowDeny from allAllow from xx.xxx.xxx.xxx</ Files>Replace x with the IP component numbers. You can add as many lines Allow from xx.xxx.xxx.xxx you need. Other IP can not connect.The first thing to do is to change the user name or ID. "Admin" default login is often the target of the first attack.To change yourself, you must find the name of the database that is in wp-config.php, eg: define ('DB_NAME', 'user_wp448').Go to phpMyAdmin in cPanel (the host) and open the database. Look on the left menu xxx_users the table. Click Edit or Edit, locate the line and replace admin user_login by another value. This is the value that you now use to connect to the admin panel.The use of strong passwords is also not to forget: choose a mix between the letters with mixed case, numbers and some special characters (% ...?!).
Plugins must be installed
Better WP Security became iThemes Security is the reference to quickly secure their WordPress site.
It allows to track logins and ban them if necessary. For example, if an IP address tries to connect several times, it will be blocked by the system. The plugin also allows:
- Generate strong passwords
- Detect file changes - can mean an intrusion
- Define a period of inaccessibility to the administration
- Generate words whether the sensitive points are secure
- Define periodic backups with emailing
It allows some of the actions listed in the previous section without going through the server, such as renaming the admin ID 1, the prefix of the mySQL table, and many others. Everything is done via the WordPress admin interface with a few clicks.
But adding Wordfence is also recommended that checks if your site is infected in its free version. It also acts as firewall to counter the false and malicious robots Google scans.
Remember also to updates
The updates are also important for the security of a wordpress blog . That's what is important to update :
- New versions of wordpress
- Plugins updates
- Updates themes / templates wordpress
You can do all this in the Dashboard> Updates for wordpress , plugins , themes and translations. But also in the extensions section where you can directly update plugins.
These tips will help you have to make your secure WordPress installation. Do not wait to make you hack to implement !
How to better secure their wordpress blog? Reviewed by Blogging Chimp on February 25, 2015 Rating: