5 Steps to Keep your Wordpress blog Safe and Secure

Wordpress is the widely use CMS for publishing content online by amateurs and professionals. We know from experience that having your site hacked is no fun. In general you have nothing to worry about if you can keep your wordpress updated to the latest version and using strong password. There are however, a hand full of potential security risks, when running a website. You the website owner need to pay attention to these potential security risks in order to secure your website

Most of the time content publishers dont think about security measure before it gets too late. Wordpress being a famous platform for the bloggers is often a target of the hacking attacks by security breachers like brute force login attempts and other security vulnerabilities, but there are some simple steps to keep your blog safe and running well.

 Here are 5 Steps to Keep your Wordpress blog Safe and Secure

1. Create a new username/Don't use 'admin' as your username

If your username is 'admin' then its easy for hackers to gain access to your blog and do whatever they want to, because its the half of the information they needed to gain access. Hackers look for a wordpress blog which one is having a default username as 'admin' and it helps them to gain access by brute force attack with a bunch of common passwords.

Many people still use 'admin' as the username because its easy to remember for anyone or the auto installation scripts from hosting websites also set admin as the default username.

You can easily fix it up by creating a new account and giving it a role of administrator, after that login from your new administrator account and delete the default 'admin' account. If you have posts published by the 'admin' account, when you delete it you can easily assign them to the new administrator account.

2.  Always use a Strong Password

After getting told by many people around to use a strong password, some people still like to input a simple password that is easy to remember and they don't have to write it on a sticky pad to remember. Although, a simple password which is easy to remember also becomes easy to crack for a hacker.

You have to use a strong password with some digits, lowercase letters, uppercase letters and some special characters like : 12SUPERgeek@12#

Make this a requirement for the every member of your wordpress blogging team.

3. Backup Regularly

We can't overemphasize the importance of making regular backups, even with the most secure blog with best security measures, unexpected things could happen at any moment without any notice to it. Still most of the people put it off when its too late. Any unexpected upgrade could leave your website open to an attack.

Its always recommended to perform a full backup of your blog/website, which means both the database and the files. In case something happens to your blog/website you can recovery it to its actual glory in just minutes.

The most convenient and acceptable way to do backups is by using backup plugins. One of them is 'BackWPup', install and activate this plugin, while setting it up you can even setup whether you wanted the backup files in your email or get it uploaded to your dropbox account automatically. Its easy and reliable.

4. Limit Login attempts

You can limit the login attempts, using this plugin, if a hacker is trying to log into your blog using a bot and a bunch of common passwords, this plugin can limit the login attempts from a single IP address.

This plugin allows you to decide how many retries will be allowed and for how long a IP is blocked to login after too many failed login attempts.

Some attackers might use a large number of different IPs but its worth doing as an additional precaution.

5. Keep Wordpress and Plugins Updated

Always update to the latest versions of Wordpress, or the themes you use or the plugins used by you on your blog. One of the reasons developers update their software and plugins because of security vulnerabilities found in the previous versions, thats why every new release of wordpress contains patches and fixes that address real or potential security threat. If you don't keep your website updated you could be leaving yourself open to the attacks. Wordpress will give you a notice on the top of your dashboard 'Wordpress X is available! Please update now !'. Its a simple one click away update to the new wordpress version.

As of plugins, please don't download those from any unknown source except the 'Wordpress Directory'. As the plugins from unknown source could be containing some malicious code in, and leave you open to the attack.

No more hacking.

Its important to have security discussions to keep you one step ahead of the hackers. No need to panic just go with the updated. Stay strong and take backups regularly. Follow the above steps and your blog/website will be harder to break into. Happy Blogging!

We will surely discuss more about security in the future.