Build an Income Generating Blog: How to Secure your WordPress Blog
WordPress is a piece of software, and like any piece of software there are occasionally security problems. There are a few ways to help minimize any problems you may have especially from hackers and Spammers. Please note, although your blog cannot be 100% secure, following the simple steps that would be outlined later can vastly reduce the chances of your blog being hacked.
How to Secure your WordPress Blog
1. Change your WordPress Username and Password Often
When you first set up your blog, you are given the username of “Admin” to access your dashboard. It is best to change this and your password to something more difficult for a potential hacker to guess. To change the name, follow these steps:
Step 1: Log into your WP-Admin dashboard through https://www.yourdomainname.com/wp-admin, click “Add New” under the “Users” menu tab on the left hand side.
Step 2: Add Username, First Name, Last Name, E-mail, Website (optional) and Password. Make sure the “Password” appears as STRONG in the Strength Indicator Tool.
Step 3: Change the “Role” to “Administrator” and click “Add User”
Step 4: Log out of your dashboard and log back in as the new user you just created.
Step 5: Click “Authors and Users” under the “Users” menu tab on the left hand side.
Step 6: Hover over the old admin user and press, “Delete”.
Step 7: You will be asked if you want to delete all posts and comments assigned to the admin user or transfer them to another user. You should transfer them to the new user you just created. Check the box “Attribute all posts and links to:” the new username and click the “Confirm Deletion” checkbox.
Step 8: Edit the new user account you created and change the “Display name publicly as” field to the name you wish your blog posts to be ‘authored by’. If you don’t perform this step, all your blog posts will publicly display the author as your dashboard admin username.
Step 9: Scroll down to the bottom of the page and click the “Update Profile” button.
2. Install the Login Lockdown Plugin
This plugin locks a user out if they enter the wrong password continually within a specified time you choose in the settings. They will be locked out for a specified time. You can control the settings via your WordPress dashboard. Install and activate the “Login Lockdown” plugin. Once installed, there are no changes required.
3. Install the Secure WordPress Plugin
When you enter a wrong password or an invalid username, you get an error message in the login page. So if a hacker gets one thing right, the error message will help them identify that. Therefore it is recommended you remove that error message entirely using this plugin. Install and activate the “Secure WordPress” plugin. Once installed, there are no changes required.
4. Install the WP Security Scan WordPress plugin
This scans your WordPress installation for security vulnerabilities and suggests corrective actions. After installing and activating, there will be an extra left-hand menu tab entitle “Security” in your WordPress Dashboard. Use the settings to fine-tune the security.
5. Keep WordPress up-to-date
Keeping WordPress up-to-date also helps with security. When you log into your WordPress Dashboard, it will inform you with a message across the top of your screen that a new version is available. To upgrade simply log into your dashboard, click “Backup DB” under the “Database” menu tab on the left hand side.
Click on “Backup” then Click “Upgrade” under the “Tools” menu tab on the left hand side. Click on the “Upgrade Automatically” button. A confirmation page of the upgrade will be displayed.
6. Keep your plugins up-to-date
Keeping your plugins up-to-date also helps with security. When you log into your WordPress Dashboard, a number appears on the menu next to “Plugins” if you have out of date plugins. To upgrade, simply click on Plugins and for each out of date plugin there will be a link to upgrade automatically. A confirmation page of the upgrade will be displayed.
Performing the above steps will help improve the security of your WordPress blog. I will teach you more steps you need to take to secure your WordPress blog as soon as I get to know more of them. If you have another step to secure WordPress blog you can share it as a comment on this post. Till then, you should subscribe and become part of our readers through Facebook, Twitter, RSS, Email etc.
If you need any WordPress help, just ask in the comment form provided further below.
These are the related posts for this post.
- How to Build an Income Generating Blog from Scratch 5: Install WordPress with Fantastico
- How to Build an Income Generating Blog from Scratch 6: Get your blog indexed by Google
- How to Build an Income Generating Blog from Scratch 8: Add content, images and Videos
- How to Build an Income Generating Blog from Scratch 2: Choosing the right blogging platform
- How to Build an Income Generating Blog from Scratch 9: Making Money from Your Blog