WordPress is the most popular blogging and CMS system on the Internet. To protect your security from hacker attacks follow the below steps.
Keep your WordPress site and plugins up-to-date
Protect your WordPress Admin Area
It is important to restrict the access to your WordPress admin area only to people that actually need access to it. If your site does not support registration or front-end content creation, your visitors should not be able to access your /wp-admin/ foder or the wp-login.php file. Get your home ip address and add these lines to the .htaccess file in your WordPress admin folder replacing with your IP address.
<Files wp-login.php>
order deny,allow
Deny from all
Allow from xx.xxx.xxx.xxx
</Files>
To allow admin access in multiple computers, simply add another Allow from xx.xxx.xxx.xxx statement on a new line.
Don’t use the “admin” username
Use strong passwords
Secured WordPress hosting
Host your website in secured hosting account. Some of the features that you should look for are:
- Support for the latest PHP and MySQL versions
- Account isolation
- Web Application Firewall
- Intrusion detecting system
Ensure your computer is free of viruses and malware