Some WordPress Security Tips
Today we will talk about some WordPress security issue and what mistakes you are doing after installing WordPress. So let’s check some security tips you need to know.
1. The first mistake everybody does after installing WordPress is use “admin” as their username. Don’t do this mistake. It clears the halfway to a hacker to hack your website. If you already running your WordPress with an “admin” user name. Create a new admin user and delete the current one.
2. Always use the latest version of WordPress. Update it every time when you get a new version. Same things with themes and plugins. Use the latest version of theme and plugins.
3. Create a backup after installing this WordPress. You can do it manually or use wp-db-back plugin to generate backups. It will create your WordPress site backup automatically and send you via email.
4. You can use two kind of WordPress theme for WordPress. Free and Premium. A premium theme can cost you 20-100 Dollars. If you don’t want to spend money for themes you can choose themes from WordPress free themes gallery. But remember, never use nulled, cracked or pirated version of WordPress theme. It may contains malicious scripts which help a hacker to hack your website.
5. When you are surfing around the internet and likes a WordPress site design you can check their theme using WordPress theme detector tool. It will also show you what plugin that site is using. http://www.wpthemedetector.com/
6. WordPress permalink is an important matter. Permalink is the link which you finds when browsing a web page. Suppose. You have an article “WordPress Security”. If your permalink shows www.mysite.com/post-123 its not a user friendly url. You traffic will not understand what he is going to get on this article. It is better to use post name on article like www.mysite.com/wordpress-security.
7.Use these code to your theme’s function file. It will remove unnecessary feeds from your website.
remove_action( ‘wp_head’, ‘feed_links’, 2 );
remove_action( ‘wp_head’, ‘feed_links_extra’, 3 );
8. Maybe you notices when you edit any post or page you see ‘Revisions 5’ type’s text on the right sidebar. WordPress stores how many time you edited a contents. It make your database heavy and make website speed slow. Use these codes to your WordPress wp-config.php file to prevent this.
define( ‘WP_POST_REVISIONS’, false);
9. Remember you can get too many comments on your site. But it doesn’t means all will be genuine. You will get spam comments more than genuine one when you starts your website. You can use WordPress default akismet plugin to moderate these spam comments.
10. Your wp-config.php file contains all your WordPress security and database information. If anybody get access this file he can hack your website within a minute. So you need to hide this file. Add this codes to your .htaccess files and it will be all done.
order allow,deny
deny from all
Last Words
For building a WordPress website you don’t need any coding knowledge. But if you really want to create an amazing website you should learn some extra coding. And for learning some coding you have a great teacher. Google.