Best Wordpress Security Settings and security practices

ValeriaMxc

New member
Registered
Joined
Oct 12, 2012
Messages
12
Points
0
I would like to hear from you guys about what all things we should advise to clients to make the wordpress secure and hack proof to the maximum extend.
If you want to protect your wordpress sites from hackers or doubting it is getting malware/virus, try these ways to protect your wordpress sites

Protect your wp-admin with htaccess password
Change Your WordPress Keys & Salts in wp-config.php
Install Wordfence Security to scan and find security errors on your site
Strong password for your admin account.
Decrease number of using Plugins on your sites if possible
Don't use free themes, they are many risks
Always upgrade to latest wordpress version
Set plugins and Themes to Update Automatically
Protect Your Most Pertinent Files Using .htaccess
for example:
Code:
<files wp-config.php>
order allow,deny
deny from all
</files>
Hide your author usernames by adding these codes into functions.php file
Code:
add_action('template_redirect', 'bwp_template_redirect');
function bwp_template_redirect()
{
if (is_author())
{
wp_redirect( home_url() ); exit;
}
}
The final line is you need to pick the Best Hosting for your websites, better is a VPS, a shared can get risks with local hack...etc.

Hope to hear other opinions!

Just my 0.02 cents!
 

CyberHour

Well-known member
Registered
Hosting Provider
Joined
Sep 9, 2016
Messages
109
Points
0
Free or Premium themes are the same, if they are bad coded / nulled / cracked ... the game is over
 

UltratechHost

Member
Registered
Joined
Aug 30, 2016
Messages
46
Points
0
To Secure Wordpress Website you need to:
1. Secure your wp-config file
2. Adding some firewall rules set or you can use Wordpress Secuirity Plugins
3. Use VPS instate of Shared Hosting (For Better Performance)
4. Never use much Plugins use the required amount of plugins and regular updates needed
5. Use Custom/Free/Premium Themes but need regular updates
6. Use Server site security like Nginx/CSF Firewall/Mod Security
7. Have stronger password
8. Enable Two Factor Authentication
9. Add IP Based Authentication to Secure Directory/Files
 

Optimidia

Member
Registered
Joined
Oct 5, 2016
Messages
42
Points
8
While I agree a lot of these suggestions are great, one of the most important I would say is to use a strong password and keep WordPress updated. The other day I had to clean a clients website from a redirect script because the client was using the username as the password.
 

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top