“Never Surrender Opportunity For Security”
Is your WordPress blog/site safe from malicious attacks ? If not then don’t worry we will help you increase your blog security. Most often bloggers forget to take action for blog security in hurry of publishing content and driving traffic to their new blog. Most of the bloggers don’t think about securing WordPress site until it’s too late.
We are on Part VI of Money Making Blog Series for Newbie !. In Part V we have seen how easy it is to install WordPress with Hostgator which take rarely 5 minutes. After installing any new blogger will surely go for setting up theme and start publishing content on his blog but this is wrong. But we will make a Secure WordPress blog with taking important steps.
NB : It is not common to have 100% secure WordPress site but it will be highly safe from your side.
Today I will tell you some solid and basic security action that you must apply on your blog. So here we start, but why one should secure his/her WordPress site?
Why to Secure WordPress Site ?
As we all know WordPress is the most popular platform for creating blogs and sites. Due to this reasons many hacking attacks are used daily to hack WordPress site if you didn’t start taking action to secure your WordPress site then you may be their next victim.
If a blog has been hacked it may loss content, extensive downtime etc. If you are successful in maintaining your blog security then it will help you provide your customers service at it best as well as it will protect your reputation.
How to Secure a New WordPress Blog ?
Here are some security measures you should apply on your money making blog to protect your blog from hacking attacks. What we will do here is make some changes in database setup, we will rename some key directories, we will rename some key urls etc.
#1 Delete “ADMIN” Username :
Hackers look for those blog which use “admin” as their username. Because they got half information i.e Username if you are using “admin” as username then you are saving a lot of time for hackers. After that they only have to do is identify the password. Once they get to know about your password they can log in to your WordPress site and can do anything they want.
So 1st step to secure your WordPress blog is create a new WordPress profile and delete the admin user profile. Now it will make it difficult for any hacker to hack your money making blog.
How to Create New WordPress Profile ?
To create new WordPress profile, follow this simple steps :-
- Open WordPress Admin Navigation
- Go to Users
- Now Click on “Add New“
- Fill all the required details and assign Administrative role to it.
So that you can make necessary changes in your blog. After you had created new WordPress profile log out and again Log in with your new Username and Password.
Again go back to Users and delete the “admin” user profile. Here you will get an option to transfer the post authored by admin user to your new profile. Choose that so that you don’t lose any content.
#2 Update your WordPress to Latest Version :
WordPress Software, plugins and theme is updated frequently with the latest fix to in response to those security vulnerabilities.
Whenever any WordPress update is available you will get a notification at the top of your dashboard. Updating is very simple and it 1 click process from dashboard or you can also do it manually via FTP.
#3 Install Security Plugin “Better WP Security” :
We Will make some changes using this plugin as i had mentioned above. After Installing an activating this plugin, you will find a new option in your menu bar called “Security” Click on it. New Window will appear, we want our WordPress blog to protect it against some potential attacks. The best idea is to activate one click protection on your blog and after that you don’t need to worry about it.
Click on “Secure my Site from Basic attacks” after you have click some basic security measures will be applied :
- Your Log in area is protected from brute force attacks.
- This plugin will block attackers who are trying to scan your website for vulnerabilities.
- Non-Administrative will never see available updates.
Here are some security measure you need to take care for your blog. You will find some of these in your plugin dashboard as well :
Now time has come to make our WordPress blog security more stronger. At 1st we will go for changing blog database table prefix wp_ to something else. Look for the notification naming “Your Blog Prefix should not be wp_” click on it to rename it. One new page will appear, you will find a button click on it to confirm renaming. Better WP Security will generate random prefix and it will rename all tables of your database.
Now our 2nd step is to hide admin URL of WordPress blog. Normally admin URL of any blog will look like http://www.xyz.com/wp-admin.php by replacing wp-admin.php to something else we can make our WordPress blog more Secure. To change this visit your Security Plugin Dashboard there you will find an option which says “Your WordPress Area is not hidden” click on it to fix.
In the next window check the box to hide Backend, Now enter the slug that you want to have at the time of log in and that should be known only to you. Example : http://xyz.com/moneygossips.
Now our next steps is to work on User with ID 1. Hackers know about this and they have many scripts to crack entries with user ID 1. So go to your security dashboard, and look for “A user with ID 1 still exist” go there and click on Fix it, a new page will appear there you will find an option to change User ID 1 to some random click on it and it’s done.
These are some basics and recommend steps to secure your new WordPress blog. However there are some more steps you can take to increase your blog WordPress blog security, but this are more important in terms of security. There are many WordPress Security Plugin but i will not mention them here , because it will only confuse you rather than helping.
In Part 7 we will discuss “How to Choose Perfect Theme for your Money Making Blog” until then, If you face any problem while securing your WordPress Blog or want to share your thoughts on this, feel free to drop a comment below.