Friday 30 November 2012

How to Secure Wordpress Website from Hackers

Sophocles is said to have stated – Always desire to learn something useful. That is what this article intends to offer; useful information for your use with your WordPress blog or website.

As most of you know WordPress is very popular due to its ease of use and its versatile approach to the individual’s needs. With its vast library of plugins users can seamlessly manage their website without the added expense of a webmaster.
Thesis WP themes allow that seamless creative time that you spend when setting up your site. But users beware! As great as this software is for the majority of people who are not techies, WordPress offers a wide open opportunity for hackers.
Even though Thesis WP themes are great software products, it is an absolute necessity that you spend the little extra time that it requires to secure your blog or website against invasion by the cyber scum that inhabits our planet!

1. Armor plate your Admin folder.

This may be a bit technical for some of you but bear with me as you need this information. Add a file called .htaccess file to the admin folder to block all IP addresses except the ones you use. Place this .htaccess file in the “WP-Admin” folder of your Thesis WP themes blog.

2. Pick a Private Password.

As obvious as this is (or should be) password selection will make or break your privacy on your site or blog. Think outside the norm (birthdays, anniversaries and such are the norm) use a combination of capital letters, small letters, punctuation and numbers to ensure that what you create is unique.

3. Remove your Default Admin User.

Thesis WP themes installations come with an admin user as a default.  And because they know this the cyber scum go there first. I suggest that you delete this user after you create a new user that has admin rights but does not read admin. After you create this user log out and then log in under that name. Once in delete the original admin and you are one step further away from being hacked!

4. Backup your Database.

Thesis WP themes are some of the most secure products available in WordPress. As secure as they are it remains that you never know when an attack will occur that is far beyond the security level of that version. Hackers are infamous for succeeding when and where they want – and all we can do after the fact is regroup, re-install and move on. The problem that exists for many folks is in the absence of a backup of your data. If you do not get in the habit of backing up your work frequently (daily in my book) then you are leaving yourself set up for disaster! When the hackers find you (and they surely will) if you have not taken the precaution of backing up your work it will be gone forever! So take a hint, hear the call, whatever it takes but get in the groove of backing up your data ritually. Daily is what I recommend. But it’s your data – do as you see fit!

5. Update to the Latest WordPress Version.

If you are not aware of the fact that hackers seek out the weak and vulnerable please become aware within this article! The weak and vulnerable are defined as those that do not upgrade their plugins as often as WordPress provides the upgrade! Just remember that hackers KNOW the old version and if that is what you are using then you can expect them to be living on your site! Upgrade frequently – just say NO to hackers! If you are installing a new version of Thesis WP themes be sure to get the latest version available. I suggest that you get it from the official WordPress site and follow my other suggestions on keeping it updated.

6. Update your Plugins.

I strongly suggest that you use only plugins that have the approval of the WordPress folks. They will have tested these plugins prior to adding them to their official WordPress library. I am not suggesting that third-party plugins are bad; I am suggesting that if you decide to use one do the extra bit of investigation and make sure that you can trust the source. Thesis WP themes will work with virtually any plugin that you find. Consider backing up your data before you install any new plugin – just in case!

7. Update your Themes.

Update your Thesis WP theme as soon as an update is available. Use the WP Theme Scanner. If there is an issue the scanner will let you know.

8. Install ONLY WordPress Security Plugins.

When it comes to using plugins for your WordPress site, it might be advisable to thoroughly check out the third-party vendor that you are getting your plugin from so that you have a solid trust of the product. This is not a slur on third-party vendors – most of them create excellent product – but on the other hand WordPress folks test each plugin prior to offering them on their site which is intended to give the end-user that warm fuzzy feeling.
As you probably are now aware, site security is a daunting thing. But remember this, for the few minutes it takes to install a plugin you will reap many times more hours of peace and tranquility without having to worry about attacks! And remember what William James once suggested to take action as though what you do makes a difference, because it does.

0 comments:

Post a Comment

Your Comment Posted After Approved.