Home / Uncategorized / Best Tips to Secure your WordPress Site From Being Hacked

Best Tips to Secure your WordPress Site From Being Hacked

WordPress is powerful CMS and No:1 software in the world. Millions of Webmasters using WordPress. that’s why WordPress is favourite target for hackers due to its huge user base.

hackers loves to hack websites because they easily found security bugs due to our weakness.

most WordPress sites hacked by plugins vulnerability. 90% plugins are free of cost that’s why some plugin’s author made low quality plugins to get backlinks for their site. that’s why thousands of sites hacked due to security reasons.every day we should check our website any vulnerability scanner tool.

in early days WordPress faced security compromised issues. slowly but surely they fix issues one by one. if you are serious in this field then you can realize the true importance of WordPress security.

Now I Am sharing With You Some Tips About WordPress Security.

Always Make WordPress Up To Date:

make your core always up to date. when word press developers found security bugs. they release a new version. the old version of WP are more open to attacks that’s why you should keep WP core up to date on right time, and  check website security with best wordpress security plugins, otherwise it will be very sad moment if hackers take down your site because you were late in updating your Core. 😉
Never use “Admin” as Your Username

when we install WordPress in our website. then default WordPress username “ADMIN” set automatically. hackers try to hack WP using default information. if you are still using admin as your default username then change it immediately.

See This Article: How To Change User Name In WordPress

Restrict Login WordPress Admin Area Using IP Adress:

this is an effective option to provide an extra layer of security for your WordPress Login area. if you are using proxy for web access or have multi author site then this option not for you in others words you can easily create extra layer of security for your website.
by editing .htaccess.

Go to your server directory and open .htacces file  and add following lines after the #BEGIN WORDPRESS

Files wp-login.php
Order Deny,Allow
Deny from all
Allow from xx.xx.xx.xx

Now open wp-admin folder > open .htaccess file and then add following code


Order Deny,Allow
Deny from all
Allow from xx.xx.xx.xx


Hide plugins list from others:

most WordPress sites hacked by plugins vulnerability always make your plugins secret from others if some one knows plugin vulnerability you are using this may also caused your site down. the main reason is that plugins are available free of cost at WordPress.org. hackers can easily analyze vulnerability in free plugins. if hackers found any vulnerability.then it will not any harder to hijack your blog.

Update Secret Keys of wp-config.php File:

All sensitive information about your WordPress are stored in the wp-config.php in your root directory. Security Keys improve encryption of information stored in the user’s cookies.we should update secret keys regularly we can create custom keys through this link.

Changing Database Table Prefix:

If u are using default WordPress database Prefix wp_ then change it immediately.no doubt WordPress Database is like a brain for our site because all information of our website is store in his memory.our posts,pages,comments, options, plugin and theme settings – all our site data is stored in our site’s database.

Now we can easily understand that with these qualities making him hot target for hackers and spammers. so always keep it mind that never use default prefix wp_

You should read: How To Change Database Tables Prefix in WordPress

Secure wp-config.php and .htacces File:

wp-config.php and .htacces File contains the most important information about our website database it contains our username and password. if hackers get control on these files then they destroy our site in seconds.

Read This Article: How To Protect wp-config.php and .htacces file

Use Askimet To Block Spam Comments:

askimet is another best plugin of WordPress. it defend us from spam comments. hackers can take down our site using hacking codes. once we approve any hacking comment hackers can access to our database via remote and take down our website. Read This: How To Activate Askimet Plugin.

Read This Article: How to Block Spam Comments With Akismet?

Protect WordPress Admin Login Area with Limit Login Attempts:

The best way to secure your site is that you should limit the failed login attempts.By default WordPress allows unlimited login attempts either through the login page or by sending special cookies This allows passwords (or hashes) to be brute-force cracked with relative ease.

If a some one makes too many failed login attempts then it will block immediately for a few minutes.with Limit Login Attempts we can increase or decrease the time manually.here is some alternate plugins Login lockdownBetter WP Security and WordFence Security.

Timthumb Vulnerability Scanner:

The Timthumb Vulnerability Scanner plugin will scan your entire wp-content directory for instances of any outdated and insecure version of the timthumb script, and give you the option to automatically upgrade them with a single click. Doing so will protect you from hackers looking to exploit this particular vulnerability.

More info at CodeGarage.



About tahir

Muhammad Tahir lives in Lahore, Pakistan. Loves to read and write articles about tech and web resources online.

Check Also

Zong 5GB, 2.5GB Weekly Internet Package

Get 5000 MB Internet in just Rs .156. Pakistan’s one of the best cellular network presents …

Telenor 4GB Weekly Internet Package

Telenor presents 4Gb weekly internet package for their customers, After releasing the weekly 2GB, 3GB …

SHAREit Crossed 1 Billion Downloads (World Best High Speed File Sharing App)

Everyday we share bunch of picture, movies documents with our friends and family members and …

Nokia 3310 3G Price & Specs

Few months ago HMD (The Home of Nokia Phones) released again Nokia’s most popular 3310 …

Best Websites to Download and Watch Movies Online

We are all love to watch movies online there are hundreds of websites out there …