WordPress Safety Tricks and Shortcuts
WordPress is everywhere. This is a great thing, and a not-so-great thing. The beauty of WordPress’s ubiquity is that we are able to come together and discuss very specific topics. I know from experience that security and safety are a VERY important part of running a blog or a website, so I’ve pursued this nook very very deeply.
Tons. Though I know your time is brief, I’ll try to arrange my blog and website security help in a way that actually drives the safety tips home, without endlessly reading.
1 Plugins and Updates
For plugins in general, keep the updated. In fact, see what you can do about enabling automatic updates for plugins. There are some server-side software products that can save you time and worry. There are also on site plugins (Such as Jetpack, though I am not a big fan of Jetpack), which will aid your auto updates.
There’s also core edits you can add to your WP-CONFIG file that will enable WordPress to update itself. Any WP-CONFIG core additions are a better approach, as their effects are certain, and aren’t just ‘another plugin’.
2 WordPress Security specific plugin
I recommend using Wordfence for securing your WordPress blog or website. It has oodles of options to tailor your level of security based on your paranoia or experience. Though they raised the price on the premium keys, which has deterred me from buying more.
Login Limiter – Though Wordfence can handle this, there’s other login limiters that can really deter the main avenue of attack against your site – Brute Force.
Hide Login – Just do a WordPress plugin search for ‘hide login’ and you’ll see a couple of nice options that allow you to ‘move’ the login page -> Typically located at /wp-admin or /wp-login.php <- Again, this is a common avenue of attack, and therefore a weakness, as that will be where an attacker will target first.
Thereby, HIDING your login page, as well as LIMITING login attempts, as well as choosing a complex USERNAME and PASSWORD; You have already taken massive steps to limit the potential of your WordPress site becoming the victim of compromise or attack. I can rest easier now, can you :)
3 WordPress Admin habits
Dude, just make a more difficult password. Three words, add special characters, and periods. Periods are you password lifesaver, for real!
Username: Do not choose admin as your login name. Admin is probably the most widely used administrator name for WordPress users. Sure, it’s short and easy to remember – That also makes it one of the primary targets for attackers. Please come up with something more unique. As well, you should choose a nickname from your personal dashboard.
A WordPress user nickname hides your actual login name, allowing you to post blogs/posts without giving away your login name -> Very important, very huge.
4 WordPress Security Website
A rising force in WordPress safety help, is the WordPress experts at Canadian Web Creations which takes the goal of helping blog masters and webmasters stay safe very seriously. By making a focused community and resource log for all things WP/Security, they’ve helped carve out a specific corner where a vital interest to a big portion of the web can seek refuge and information.
They plan on having a community section with forums and social interaction, as well as a video section, and general knowledge-base.
The prospects for your blog or website just increased. Be sure to take note of the main tips that can eliminate the BIGGEST risks:
Eliminate WordPress Risks Now:
- Hide your login/dashboard access page
- Never choose ADMIN as username
- Use a Plugin to Limit login attempts
- Add periods or spaces to your password