Share to

Protect Your WordPress Website from Hackers

As some thing grows popular, everybody in the world wants to be a part of it. There are two methods, one you work hard and take some benefit of that thing and the other one is the wrong path to steal others hard work. In today’s article, I will explain you about the insecurities faced by WordPress and how you can protect your site from the potential hackers.

WordPress now owns about 80 million plus website around the world, and the thing which is most frightening that more than 70% of WordPress are vulnerable to be hacked.

After someone hacks your website, he could damage your website in certain ways you don’t even know. The most common of them damaging your data on the site which will lead to the degrading of your sites reputation. Which ultimately effects the traffic, money and confidential information.

Even if you git rid off the hacker, the time and stress you will face to clean your website is priceless.

Here I will tell you some most common practices which will aid you towards the extra protection of your website.

Protect Your WordPress Website from Hackers

No. 1: Use of Strong Password

The most common and most important point. Make sure that the passwords link to your WordPress website are strong enough that no one can make any trouble by simply guessing.

Especially be sure about the password which you use for administrator. Password must be simple enough that you never forget the password but strong enough that even someone know the password but cannot open it by simple spelling it. For example

in Place of “Simple Password” you can write “$1mp!3p4$$w0rd”

Simply use resembling letters or symbols in place of proper alphabets.

To change the password of your WordPress website, Click on the User than Edit and than scroll down to fond change password.

Protect Your WordPress Website from Hackers

No.2: Protection of xmlrpc.php file:

This is another common method used by the hackers to hack the website. xmlrpc.php is the file which is used to communicate remotely with the WordPress.

Hackers uses xmlrpc because it is enabled in WordPress 3.8 to avoid the distributed denial of service attacks, which results in casing server related problem and let the website down.

If you are using the facilities like jet pack, WordPress app, Pingback and trackbacks you must need to enable xmlrpc.

To make sure that no one get access to your website’s xmlrpc add the following to your .htacess.

Protect Your WordPress Website from Hackers

No. 3 Keep your WordPress and Plugins updated:

The other common method to get unauthorized access to your website is through plugins. Most of the plugins that free can dangerous as these can cause vulnerability to your sitr to be hacked. The most feasible method to protect you website if you are using these type of plugins, keep them updated to their latest versions.

Although the companies are showing more interest towards the security loop holes, espacilly the paid plugins manufacturer taking it seriously.

Beside everything done by the companies your must have to review the plugins that you are using. Update them to their latest version and if there is any plugin that is of no use try to remove it form your site before it cause any problem to your WordPress website.

No. 4 Review Your comments and discussion settings:

If there is option of openly commenting on your site, Please review the setting of the discussion. You must be sure of the that every comment will be approved manually. This will surely increase the work load on the administrator, but along with this hardship you will able not to post any type of spam comment which will lead to any problem.

Another thing you must check that your Akismet is activated or not and also that Captcha is used on all contact forums by you.

Protect Your WordPress Website from Hackers

No. 5 Review your server settings:

In the hacking of a website,hacker not only attacks on your website but it also attacks the server from where your site belongs.

The thing which you could possibly use to save your website from such type of threats are

Using strong passwords for admin and FTP
enabling of email of any logging in to your website.
to do this you must contact your server host because there is different method for each of the sever host to change the setting.

No. 6: Moving your website to reliable host

Any serious blogger or a website owner must be using its own VPS host. And if your website is still on shared hosting, you should consider of changing it to your own VPS host. Although, to own a personal VPS is a bit expensive but the benefits which u gain especially in case of security are priceless.

In Web world there are thousands of companies that are offering VPS hosting. Spend your time to find a new reliable VPS hosting for your site, which will give your website good and fast support.

Leave your comment

Please enter your name.
Please enter your email address.
Please enter a valid email address.
Please enter comment.