Have any dangerous things around your WordPress blog, do you know that? There are instances where wordpress powered blogs often fall into wrong hands, i.e hacked. There are some precautions that every blogger should take to avoid that. Here are 6 Tips you should to use to protect your wordpress blog, they will help you to harden your wordpress installation and prevent unwanted access to your blog and control panel.
1. Always use latest version of WordPress
Always update your wordpress to the latest stable release. There will be a notification bar at your Admin Dashboard if any upgrade available. You can choose to upgrade automatically which will upgrade the wordpress installation by it’s own.
2. Use a Strong Admin Password
This is what a common mistake. People normally use a password which can be remembered easily and that type is pron to get hacked. Use a password of minimum 8 characters length, have both uppercase and lowercase letters, special characters and numbers.
3. Password Protect wp-admin folder
This basically adds a second layer of security on the wp-admin folder. Here’s a handy guide on how you can password protect your wp-admin folder as well as wp-config.php file using .htaccess file.
4. Choose Plugins wisely
Some plugins are so poorly coded that they may open a loophole for hackers. Therefor, you should choose the plugins wisely before installing it. I do not recommend using plugins for the modifications that can be done by editing the theme.
And, always upgrade to the latest version of the plugins that you are using.
This is the most important thing for all the websites and blogs. Always take a regular backup (daily, if possible) of your wordpress installation. This will be highly helpful if your blog fall into wrong hands despite all your efforts.
There are a few automated backup plugins I can recommend. WordPress Backup, DBC Backup and WP-DB-Backup
6. Vulnerability Scanning
Always scan your wordpress installation for malicious codes and vulnerabilities. Almost all hosting control panel has a built in scanner that are sufficient, some plugins like WP Security Scan and Secure WordPress are dedicated to scan wordpress installations.