How to protect WordPress

If you’re an Internet marketer, you probably already have enough on your plate. You’ve spent a lot of time putting together a good website or blog and are really concentrating on how to deliver your product or information. Unfortunately, there is a certain breed of people in cyberspace whose self-proclaimed mission is to break into your vault and wreak havoc.

If you are using WordPress as a blogging platform, here are some tips on how to protect WordPress:

Keep WordPress up to date and backed up

Older versions of WordPress still have many vulnerabilities that are widely known in the hacker community. To their credit, the WordPress folks are always doing their best to plug security holes and are constantly updating. So your first line of defense is to keep your blogging platform up to date.

Medical Tip: To prevent your blood pressure from rising, always make sure to back up your blog before installing any updates. It’s a good idea to regularly keep a WordPress backup anyway, as a lot can go wrong.

Another tip is to remove the meta tags that tell the world what version of WordPress you are using. This information is usually in the header file.

Keep your plugins hidden

One of the best things about using WordPress is plugins. While they greatly increase the capabilities of your blogs, they also contain certain bugs and vulnerabilities that hackers exploit. So make sure to keep them updated as well.

Anyone can easily see what kind of plugins you are using by visiting the wp-content/plugins folder. To prevent potential intruders from discovering the plugins you use, create an empty ‘index.html’ file and place it in your plugins folder.

It’s also a good idea to check your plugins folder and make sure the plugins in there are the ones you want. Some hackers, once they break into your files, upload their own plugin. So if you see something you’re not familiar with, delete it.

Here is a free WP plugin that keeps track of login attempts on your site. Many hackers use brute force to try to get your password. So if there are too many of them coming from the same IP address in a short period of time, the plugin will disable the login feature for that IP range. Login block: bad-neighborhood.com. Click on the login lock and you will be taken to the download page. Be sure to check out their other plugins for.

Change your passwords

This is an easy trick that is often exploited. You can have a more secure blog by inventing a crazy and difficult password. Even change it monthly if necessary.

But not just your WordPress login. Don’t forget your hosting account and ftp passwords too.

Headache Tip: Be sure to write down your passwords right away and keep them all in a safe place.

Secure the /wp-admin/ directory

Your most sensitive WordPress information is stored in the /wp-admin/ folder. By default, WordPress leaves that folder open, so people can access these files to make changes if they know what they’re doing.

To protect this folder:

Put an .htaccess file inside the /wp-admin/ folder to block access to all IP addresses except yours.

Here is the code you need to put in the .htaccess file:

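    # Apache 2.2-style access rules; Apache 2.4 needs mod_access_compat for these
    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Access Control Example"
    AuthType Basic
    # Refuse everyone, then allow only the addresses listed below
    order deny,allow
    deny from all
    # Replace the xx placeholders with your own IP address(es)
    allow from xx.xx.xx.xx
    allow from xx.xx.xxx.xx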

Now, if you ever find that your site is being redirected to another website, you will need to:

Check for hidden code

This requires a bit more knowledge of the inner workings of WP on your part, so don’t mess with it unless you know what you’re doing.

Browse your theme files

Log in to your WordPress dashboard, go to the theme editor and look inside your theme files. See if there are any lines of code that shouldn’t be there or contain PHP code that you don’t recognize.

Check your database tables

Some hackers upload fake images to your “Uploads” folder and activate them with a plugin call. To detect this, you need to open phpMyAdmin, browse the “wp_options” table and edit the “active_plugins” record.

In that record, you will see a list of all plugins that are active on your blog. Delete any that seem unusual or that you are not using.

Browse your site files via FTP

Log in to your FTP account and browse your site folders. You are looking for files that have a strange name or look suspicious. If you have another WordPress blog installed on another site, compare the file structures to make sure they match.

Tip to avoid a heart attack: Remember: Backup, backup, backup, before you start messing with anything!

Do not be afraid

billy ojai
