logo
Already a member? Login here

wordpress security´s archives ↓

How To Protect Your Site From Hackers

Before I show you the solution I found to protecting
my sites from hackers there’s something I need to
tell you first….

Since 2010 the National Vulnerability Database
has reported 222 WordPress vulnerabilities.
(below I’ve given you a link to the full list)

If your site uses free plugins it’s MOST at risk
from being hacked.

(That’s something most goo roos leave out after
loading you up with their list of the best
free plugins)

Here’s why…

Free plugin developers don’t have paying customers
to answer to…

So if there are bugs or back doors to hackers
they’re just not as motivated to get them fixed.

As I promised in yesterdays email here’s the
“paid” WordPress plugin I use to protect my
websites from hackers…

How to rename your ‘admin’ user

I have received many requests from WordPress site owners asking how to rename the WordPress ‘admin’ user. Knowing how to do this is a critical part of securing your site against the newest brute force hacks.

The rapid growth and adoption of WordPress as a publishing platform means that there are many newcomers to our community. So while this may be obvious to the many advanced users and developers on this list, please help spread tips like this to new WordPress users and help them maintain a secure site.

To rename your WordPress ‘admin’ user:

 

  1. Sign in as ‘admin’.
  2. Create a new user using the steps below.
  3. Choose a hard-to-guess username, but don’t make it so difficult that you’ll forget it.
  4. Make that user’s role “administrator”.
  5. Choose a password that has upper and lower-case letters and numbers in it. Symbols are OK too. Never use the word ‘password’ in your password, even if it has a different case and includes numbers.
  6. Click “Add new user”.
  7. Sign out as ‘admin’.
  8. Sign in as the new user.
  9. Delete your old ‘admin’ user and assign all posts/pages/comments to your new admin user.
  10. Congratulations, you now have a more secure WordPress system.

3 “HOT” WordPress Security Tips

Here are 3 quick and easy tips for securing your
WordPress blog (and a bonus that helps guarantee
your safety)…

1. Bad login attempts (brute force attacks)

This is when a hacker tries to crack your username and password
so they can access your website (and do who knows what!).

It’s done by using software that keeps on hitting
your login page trying to guess the username and password.

If you see lots of IP addresses accessing your login page
in a very short period of time you’ll know what’s
just happened.

TIP: Use a password that’s longer than 5 characters and
includes numbers and special characters. When you create
a new blog don’t use admin as the username.

2. Always keep up with updates

WordPress regularly releases updates to fix bugs
and patch security holes.

TIP: Look for the update messages in the WordPress
admin area and follow the instructions there. It usually
takes less than a minute to update and helps keeps your
software secure. Make sure you back your site up
before you do any updates.

3. Look out for ticking time bombs!

If you have old themes and plugins that you’re not
using anymore, especially when they haven’t been
updated, you can start the count down to your
next security breach.

TIP: Delete plugins you don’t use. Keep your
plugins updated. It’s simple and helps
keep you safe.

————-
Bonus tip 4:
————-

4. How not to get caught with your pants down…

TIP: Install a WordPress security plugin designed
to protect your site from everything I’ve
mentioned above (and more).

Here’s the security plugin I use and recommend…