
5 Important Tips To Secure Your WordPress Account


When they aren't busy pranking radio station contests at Taylor Swift's expense and terrorizing teens on Tumblr, hackers are finding ways into your personal information through WordPress. Only a few months ago, 90,000 WordPress accounts were infiltrated in a massive botnet offensive that relied on brute force attacks. These attacks are exactly what they sound like (all brawn, no brains), which means all it would have taken to avoid them was a little smarts on the user's behalf. Read on to find out how you can avoid becoming a victim by using the simple methods most hackers are betting you don't know about.

1. Get all 007 with your password

Probably sounds obvious, but you really need to go the extra mile when a single string of characters is all that stands between a hungry pack of hackers and your personal information. There are lots of good things to keep in mind (use numbers, caps and lower case characters), but if you're looking for a list of things not to do, check the one that contains all the passwords they figured out. If you're going to use your dog's name, spell it backwards. And type it in Cyrillic.

WordPress protip: Use the password strength barometers! Even if you don't trust them implicitly, use them as a guide.

2. Default usernames are the worst

First of all, why wouldn't you want your username to be a unique reflection of your awesome prose/poetry/journalism? When you leave the default admin as your username, you're sending out a beacon of vulnerability to every hacker who's even halfway trying, because they're already halfway closer to your full login information.

If you currently use admin as your username:

  1. Create a unique account name with administrator privileges.
  2. Log out and log in with your new original account name.
  3. Delete the admin account.

WordPress protip: Save yourself the headache by doing this when you're setting up your account for the first time. Actually, that goes for every account you have everywhere.

3. Keep updated

Your smartphone may come equipped with the luxury of automatic updates, but WordPress does not. Set up automatic updates in your browser, or check in at least every month for the latest version of the software. With the increase of new attack methods comes the increase in WordPress’s ability to thwart them.

WordPress protip: Update everything. You don't want to fall victim to something that was solved in last month's bug fix.

4. Hack the hackers

Well ok, not really. But here's a tip from one semi-informed computer whisperer to another:

The wp-config.php is a file stored by default on the WordPress server, and contains sensitive information like your username and password. Keep this file out of anyone else's hands by moving it from the online (public) directory and into a local one.

This is how we do it:

If your file is located here:

public_html/wordpress/wp-config.php

Then you need to move it here:

public_html/wp-config.php

This moves it one directory above the WordPress root directory, making it almost impossible for anyone to access this very sensitive file.
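The move described above, written as a shell function (an added example, not code from the original post). It assumes shell access to the host; the function name relocate_wp_config and the 640 permission choice are assumptions, and the checks rely on WordPress looking for wp-config.php one directory above its root when the file is not in the root itself.

```shell
#!/bin/sh
# Added example: relocate wp-config.php one level above the WordPress root.
# Usage: relocate_wp_config public_html/wordpress
# relocate_wp_config is a hypothetical helper name, not a WordPress tool.

relocate_wp_config() {
    wp_root=${1%/}                      # drop one trailing slash, if any

    # Confirm this really is a WordPress root before touching anything.
    if [ ! -f "$wp_root/wp-settings.php" ]; then
        echo "not a WordPress root: $wp_root" >&2
        return 2
    fi
    if [ ! -f "$wp_root/wp-config.php" ]; then
        echo "no wp-config.php in $wp_root (already moved?)" >&2
        return 3
    fi

    parent=$(dirname "$wp_root")

    # WordPress reads ../wp-config.php only when the parent directory does
    # not contain its own wp-settings.php (i.e. is not another install).
    if [ -e "$parent/wp-settings.php" ]; then
        echo "parent is another WordPress install: $parent" >&2
        return 4
    fi
    # Never overwrite a config file that is already in the parent.
    if [ -e "$parent/wp-config.php" ]; then
        echo "refusing to overwrite $parent/wp-config.php" >&2
        return 5
    fi

    mv "$wp_root/wp-config.php" "$parent/wp-config.php" || return 1

    # Assumed permission choice: owner read/write, group read, nothing for
    # others. Adjust to the user/group your web server runs PHP as.
    chmod 640 "$parent/wp-config.php"
}
```

With the paths used in this post the destination is still inside public_html; when the WordPress root is public_html itself, the same move places the file outside the web-served tree.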

5. Nothing is free

The first step to avoiding software that could harm your computer is following a pretty valuable life rule: free is rarely free, especially when it comes from a search result for anything with the word "free" in it. Sites that come up on your hunt for cool themes that don't charge you the hard cash they're normally worth are often vehicles for destruction; that is, they're probably embedded with some nasty code.

WordPress protip: Use the TAC plugin from WordPress (Theme Authenticity Checker) to weed out any questionable themes.

Do you know some other ways to protect WordPress accounts from being hacked? Share your advice in the comments and help us all stay armed in the age of internet infiltration.

This post was written by Kevin Raposo, a blogger for SimpliSafe Home Security Systems. Kevin covers issues related to tech, crime, security, and safety. When he's not tracking down hackers, he's usually playing music, lifting weights, or just hanging out with friends. SimpliSafe is climbing its way to the top of the home security industry.

2 Comments

  1. Set your password to be as strong as possible by mixing alphanumeric characters and special symbols with a meaningless word which you can remember.
    Limit login attempts into your WordPress account to the minimum, so that no one can make so many hit-and-try attempts on it.
    Change the default username of the account, which will give your account double-layer security.
    Use one of the thousands of security plugins available for your WordPress site.
