04 Mar How To Secure WordPress, essential security tips
Over the past few months a number of websites that i look after, have been flooded with hacking attempts.
This cause quite a concern so i began looking for different ways of securing wordpress and plugins that would help.
Before you install a plugin the first thing you must make sure of and not to leave as standard is the Administrator name. Most bloggers and website owners get a little lazy here and leave the default name as admin, this is an open invitation to them, use your full name for example, do not use your domain name or website name.
If you have already setup wordpress with admin as the Administrator name, add a new user as an Administrator with your desire username and password (which also please use something secure), then delete the old admin account where upon doing so it will ask if you want to credit your content to another user, just select your new admin account all will be safe. A good idea before doing all of this is to backup your wordpress site if you havent done so.
Now i decided to use the wordfence plugin just the free version will do for now.
Wordfence gives you many options to help secure your wordpress site
Here is a few screenshots of my settings
Wordfence basic options
Under the Wordfence advanced options for alerts i have
Under the Wordfence scans to include i have done this
For Wordfence Firewall Rules i have chosen the following
Wordfence Login security options *note*Immediately block the IP of users who try to sign in as these usernames i have used mydomain.com as an example use your actual domain name and website name if you wish
Finally the Wordfence other options
Do not forget to fill in your email address for alerts to be sent to, the email alerts will help you gauge very quickly who and when hackers are having a go at your site.