WordPress Website Security

Website Security

One of the biggest fears people have about moving their website to WordPress is the security behind the framework. What they don’t realize is that WordPress is very much secure, as long as you update your site and the Plugins when prompted via the admin panel. However, if this still makes you feel uneasy about moving your site to WordPress, follow the steps below to give your site that extra security muscle.

1)    Download, Install and Activate iThemes Security plugin

2)    Open Plugin Dashboard

3)    Scroll down to security status

From here, you will notice a large list of security items categorized by priority. At first it may seem a little overwhelming, but below are the 4 most important items to fix.

1)    Your login area is not protected from brute force attacks.

This feature sets the number of attempts someone has to login to your website. Once the limit of attempts is reached that person or bot is blocked from being able to login for x (you set the #) number of days.

2)    A user with id 1 still exists.

When you create your WordPress website, the first user account you create will have an id of 1 in the database. By fixing this, you remove that common aspect about your site that hackers can target.

3)    Your database table prefix should not be wp_.

By default WordPress’ database prefix is wp_. You have to ability to change this on a fresh install, but if you failed to change the prefix, changing it now is a great idea. Much like the user id being 1, the wp_ prefix is common amongst WordPress sites and changing the prefix just makes your site that much more secure.

4)    Your WordPress Dashboard is using the default addresses, Click here to protect WordPress files.

This feature allows you to change the login extension for WordPress. Typically, to login to a WordPress site you would type domain.com/wp-admin into the url bar to get to the login screen. By changing the suggested feature above, you can change this link to make your site extremely secure against automated attacks.

Hopefully this will help your decision on determining what Content Management System (CMS) is best for you. Happy Blogging!