Being an open source blogging system, WordPress is vulnerable to a lot of hacking and malware attacks particularly SQL injections. Of course, we need to be aware of these security issues as they will affect the success of the blog. Blogs with bad security are prone to constant attacks and lack of traffics. Not that I’m an expert, but I’m sharing a few tips and useful plugins that you might want to install.
It would be good to add an empty index.html or index.php file on some important directories like in the wp-content/plugins or wp-content/themes folder. Usally, these two folders are the main source of SQL injections and exploits. Alternatively you can add the following line to your .htaccess file in your root:
Options All -Indexes
Attackers or hackers can also use bots for a brute force style of attack that simply guesses the admin password until they come up with the correct one and login. There are a few useful plugins available and I recommend these two:
Limit access to wp-admin folder by IP address– This solution is to restrict which IP’s can access the wp-admin folder via .htaccess. This has one drawback is you may have to update your .htaccess folder if your internet provider assigns you a dynamic IP address, you move to another location or you have authors at other locations.
AskApache Password Protect– The plugin is simple, it adds a 2nd layer of security to your blog by requiring a username and password to access anything in the /wp-admin/ folder. All you have to do is choose a username and password and you are done. It writes the .htaccess file, without messing it up. It also encrypts your password and creates the .htpasswd file, as well as setting the correct security-enhanced file permissions on both.
This what most bloggers are lazy to do. You need to keep your on your plugin/widget, theme, and WordPress versions updated. Also, subscribing to the plugin/widget/theme Author’s RSS feeds makes keeping up with them much easier.
Keep your database username and password Safe by adding the following to the .htaccess file at the top level of your WordPress install:
<FilesMatch ^wp-config.php$>deny from all</FilesMatch>
This will make it harder for your database username and password to fall into the wrong hands in the event of a server problem.
Creating a strong password that is also memorable is one of the easiest defenses against being hacked. There are a lot of online password strength checker that you could check. Also you might check lorelle’s article on blogherald called Protect Your Blog With a Solid Password, offering tips and tricks to help create a strong password that is also memorable, and how to deal with all the myriad passwords we seem to accumulate online.
AntiVirus for WordPress is a plugin that monitors malicious injections and warns you of any possible attacks.
In a world where working remotely has become the norm, having the right tools to…
Image Source: https://www.malaysia-students.com/2017/05/5-ways-in-which-malaysia-education-system.html The heart and soul of a nation lie within its youth; they…
In today's digital age, online banking has become an essential part of our daily lives.…
Easily proofread, edit, and track changes to your content in ChatGPT with a very useful…
As we approach the end of 2022, it's clear that Web3 has made significant strides…
Maxis is committed to playing an active role in bringing 5G to the nation in…
This website uses cookies.