Easy Tips and Tricks to Secure a WordPress Blog

A blog has been transformed not only as a digital place for hobbies but also as a place of business. If you are a blogger, who has his blog generating income for you, then one of the foremost you have to think about is keeping it safe.

There is no doubt that blogs have recently been the training ground of IT savvy individuals who wants to hone their skills and see if they have any chance at being a hacker. Hackers are the well-known equivalent of thieves on the internet. They have the ability to infiltrate websites and gain the information contained in them. From then on, there are several ways on how they can make a profit from the information. It’s easy to see how they can make a living from credit card numbers, but you’d be surprised on how many are more than willing to offer a hefty sum for a bundle of social security numbers, phone numbers, email addresses and other secret information.

One of the most popular blogging platforms is WordPress and the majority of bloggers use it. Therefore, it’s only right that we first dedicate this article on the proliferation of tips and tricks to secure your WordPress blog.

Install security plugin

What I normally use is the AskApache Password Protect plugin. This plugin adds another layer of protection on your WordPress blog. It uses a feature called login lockdown and because of that it is able to block brute attacks. This attack happens when a hacker uses an automated system that tries thousands or even millions of different password permutations to get into your administrator account. The plugin counters that by blocking the access of an IP address that consecutively makes a mistake on password entry in a short period.

Limit access to your admin panel

You can tell your admin directory on what IP addresses are allowed to have access to your site. You can create an .htaccess file with the following code as content:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Access Control”
AuthType Basic
order deny,allow
deny from all
# whitelist home IP address
allow from xxx.xxx.xxx.xxx
# whitelist work IP address
allow from yy.yyy.yyy.yyy

All you have to do is to replace the “x” and “y” characters with the IP addresses that you’ll allow to administer your site.

Make sure that WordPress is up-to-date

The WordPress team is continuously working hard to keep their platform secure and safe. A blogging platform that doesn’t have this feature would never dominate the blogosphere as much as WordPress has. In order to benefit from this feature though, you’ll have to make sure that you’re using the latest version of WordPress. It’s easy to notice the number of bugs and security fixes the WordPress team implements on every release. Make sure to take advantage from this.

Use strong passwords

Finally, the last tip is to make sure you use a long and complicated password. That’s considered as the basic of online security. Remember to use a combination of small letters, capitalized, numbers and symbols.

 

Comments are closed.