Numerous hacking
attempts come to any type of site every day. The WordPress platform itself is
very secure. Nevertheless, you need to do some extra work on your own for the
security of your site. If a site built at a cost of thousands of rupees is
hacked, then there can be nothing sad about it. In this post, I will share 11
tips to secure your WordPress site. Let's get started
1. Install the security plugin
First, install a
security plugin. This will ensure all kinds of basic security of your site. My
favorite security plugin is iTheme Security. There are both free and premium
versions. I use free.
2. Keep your computer virus-free
To keep the site safe,
you must first keep your computer safe. If a virus attacks your computer, it
can easily spread to your site. First of all, install good antivirus software
to keep your computer safe. Also need to check for regular viruses and malware.
Properly set up your computer's firewall, it provides a lot of protection from
online viruses and malware.
3. Use a good hosting company
Whether your site is
functioning properly depends a lot on the hosting company. If the hosting
company is good, you can be sure of many things like a regular backup of the
site, good speed, security, etc. So you have to buy hosting for a site from a
good company. Take a little research without buying from the place where you
are offering the lowest price. Remember "the better the thing, the higher
the price": p.
ExonHost is my
favorite hosting provider among Bangladeshi companies. In the video below, I
have shown you how to build a site by buying domain hosting from ExonHost. If
you want you can see দেখে
And if you want to buy a domain hosting from any international marketplace, I would definitely suggest
NameCheap. Many of my sites host them here. Alhamdulillah, I have not had any
major problems so far. Moreover, their customer support is also very good.
Click here to buy a domain hosting from ExonHost (Affiliate Link)
Click here to buy a domain hosting from NameCheap (Affiliate Link)
4. Use good themes and plugins
The most common mistake that beginners make is installing themes and plugins without judging.
There are many plugins that can crash your entire site if installed. If the
theme is not good, the speed of your site will be bad, it will not load
properly, anyone can easily take hacking attempts. So before installing themes,
plugins, etc., you need to see if they are good, how they are reputed, how the
user reviews, etc. Install a theme/plugin only after judging everything.
Themes/plugins
cannot be downloaded from an unknown source. Also, it's best not to use themes/plugins that haven't received an update in at least a year.
5. Keep everything up to date
Always keep your
WordPress version, plugin, theme etc up to date. Because each update eliminates
many problems, leaks, security holes, etc. of its previous version. It is best
if you select the automatic update setting in WordPress. This will
automatically install all major updates.
6. Use the strong login information
The stronger your
login information, the harder it will be to hack your site. So login
information needs to be strong. Strong information means information that a
hacker can easily guess. Make your site's WordPress login password as difficult
as possible. Spell a password of at least 8 to 12 characters with normal
English letters, a combination of lowercase and uppercase letters, numbers,
symbols, etc., such as KawSar4561 @ # 8 !. Also, leave the username by default
admin and leave something else that you will know.
7. Two-factor Authentication
This is a great feature that many security plugins offer. This feature multiplies the security
of your site. What it does is, no one can access your site with just login
information. He has to go through an extra step like mobile code verification.
This prevents most hacking attempts.
iTheme Security offers
this feature, but only to premium users. That means you have to buy their
premium version to use it. There are also other plugins that offer this
feature, e.g.
- Duo Two-Factor Authentication
- Google Authenticator – Two Factor Authentication
- OpenID
- WP Security Question
8. Hide login page
All of us who use
WordPress knows that the default login URL is www.domain.com/wp-admin. Hackers
can easily take hacking attempts. If you want, you can change the URL of the
login page with the help of an extra plugin and give something else of your
choice. The hacker will not be able to find the login page. Cerber Security
& Antispam, WP Hide & Security Enhancer plugins can do this.
9. Install SSL
Installing SSL will
keep all sensitive information on your site secure. SSL is a must, especially
for e-commerce type websites. Even now Google has SSL as one of their ranking
factors.
10. Regular backups
Of course, your site
needs regular backups. One of the problems with WordPress is that even a small
plugin can cause your entire site to crash. So if you keep a regular site
backup, you can use the backup for any need. Good hosting companies
automatically back up your site to them. However, I would recommend using a
backup plugin that will keep regular backups of your site in a remote storage
(Google Drive, Dropbox, etc). I use Updraft Plus in this case. It's absolutely
free.
11. Never use nulled themes
Nulled themes /
plugins are themes/plugins that are premium, but you can download them
illegally and use them for free on your site. In most cases, such nulled themes
/ plugins contain viruses, malware, etc., which can instantly destroy the
security of your site. So this kind of thing can not be used at all. Although
not very tempting.
0 Comments