Securing WordPress

This post is going to be a constantly updated feature, focusing on keeping WordPress installs as secure as possible.

WordPress is a third party application and is constantly being updated to imrpove and patch security issues.  It’s important to keep your install of WordPress and all Plugins, up to date.

Securing WordPressAbove all, ensure sure you make a regular backup, also when you’re about to install new plugins or make changes to your core site files.  As much as you try to keep the bad guys out by implementing some (or all) of these tips, having a regular backup taken of your site files and database provides peace of mind.

  • Admin User – Always create a new user with admin priveledges and delete the default ‘admin’ user.  The admin username will be a key target for hackers.
  • Keep WordPress up to date! – Always keep WordPress up to date to the latest version.  This is easy with the automatic update feature from within the WordPress admin area.  No excuses!
  • Use SSL in the admin area – This means encryption of all data during admin sessions in WordPress.  This involves adding a small peice of code to your wp-config.php file and having a dedicated SSL certificate.
  • AnitVirus Plugin – AntiVirus for WordPress is a smart and effective solution to protect your blog against exploits and spam injections.
  • Ultimate Security Checker Plugin – Helps you identify security problems with your wordpress installation. It scans your blog and give a security grade based on passed tests.

Leave a Reply