Easy Ways That Help You Protect Your WordPress Blog
I’ve moved my blog, Computer How To Guide from Blogger to WordPress by myself a few months ago and it was a great learning experience. WordPress is no doubt a great blogging platform and I certainly have no regrets on making the move. As many blog owners know (and some of them may have learned the hard way), there are many potential security problems with any blog or website. This is also true with regard to WordPress blogs. In this article, you will learn some easy and simple to apply ways that help you protect your WordPress blog. Implementing them on your blog is a significant step towards making it secure.
Use a Secure Password
Ideally, the password should be at least eight characters long and it should contain at least one special character, number, and a capitalized letter.
Change the Password Periodically
Even if you have a good password, changing it every now and then would give your site more security.
Upgrade WordPress and the Plugins
Run WordPress upgrades as soon as they are available. The upgraded version may fix some security problems that exist in previous versions. People who are trying to hack WordPress sites are often looking for victims among sites that are using an outdated version.
Do Not Let People Browse Your Site’s Plugin Directory
One should be careful with allowing people to see the full contents of any directory, but in particular, the plugin directory contents should not be left visible. To fix this, you may add an empty index.html page to the directory wp-content/plugins/ or make changes to the .htaccess file.
Make the wp-admin Directory Secure
You may use plugins such as AskApache Password Protect and Login LockDown to add more protection here. You could also allow only certain IP addresses to use the wp-admin directory with .htaccess, but this solution has its problems. If you have a dynamic IP address on your computer or if you need to access your site from many locations, the system may restrict your access.
Be Careful With Excessive Use of Plugins
There are many useful WordPress plugins, but since these come from various sources and are not necessarily well tested regarding security issues, they do tend to raise the risk level. Minimally, it would be a good idea to spend some time searching the web for reviews and user comments regarding each plugin that you decide to use on your WordPress site.
Use Security Plugins
Despite what was just said about plugin use in general, it is also possible to enhance security with the use of certain plugins. In addition to the ones already noted above, BulletProof Security, WebsiteDefender WordPress Security and WP Security Scan are some plugins that could be mentioned in the context of various ways that help you protect your WordPress site.
This is an overview of things you can do to make your WordPress site more secure, it isn’t meant to be all-inclusive. Do share your thoughts on ways to help protecting your WordPress site in the comments. Happy and safe blogging to all!
Peter loves writing on computers and technology related topics. Recently he discovered an awesome trick for your browser called Google Sphere. These days he is busy in writing an article on how to prevent cell phone hacking.
Share this article
Category: Hacking & Seurity, Tips & Tricks, Wordpress
About the Author (Author Profile)
A fun loving person, Peter is the webmaster of ComputerHowToGuide.com. He loves to write on topics related to computers and technology. You can follow him on his Twitter handle @com_howtoguide.Subscribe
If you enjoyed this article, subscribe to receive more just like it.
Twitter: Jajodia_Saket
says:
You can also use Limit Login plugin to limit number of invalid logins from hacker and all.. I get 100s of invalid logins everyday but this and few other plugins saved me from so many daily request.. And Thanks a lot Peter, for this tips.. Its really helpful..!!
Twitter: com_howtoguide
says:
You’re welcome and thanks for the addition Saket.
Peter Lee recently posted..How to Incorporate Facebook Into Your Ecommerce Sales Process
Twitter: Jajodia_Saket
says:
Anytime.. My Pleasure..!!
I am sure this info will help a lot of newbies..!! 
Saket Jajodia recently posted..Watch The Ultimate Steve Jobs Video Collection
Twitter: itechcode
says:
Yes Saket Limit Login Plugin is Best for more security. I am using BPS and Limit Login both are doing well. Thanks peter, For sharing the tips with us.Thanks.
Amit Shaw recently posted..How SEM Marketing helps your Business
Twitter: com_howtoguide
says:
You’re welcome Amit. For some reasons your comment went into spam and I went into the spam folder to un-spam it because I know you
Thanks for reading and sharing your thoughts.
Peter Lee recently posted..How You Can Use Twitter For Marketing
Those are some wonderful tips. It should be of great help for people to protect their WordPress blogs. I guess upgrading WordPress and the plugins should be the the most important thing that one must keep in mind.
Thanks for sharing.
-Peter
Twitter: com_howtoguide
says:
That’s right. Thanks for the comment Peter.
Peter Lee recently posted..The Most Common Computer Misconceptions
Twitter: RedSchubox
says:
Awesome Tips, I am glad that you have shared them here. Now I have an idea on how I could keep my blogs protected.
Arwin recently posted..5 Reasons Why PC Gaming Systems are Better Than Consoles
Twitter: com_howtoguide
says:
Glad the article helps. Thanks for reading Arwin.
Peter Lee recently posted..Computer How To Guide Android App
Twitter: expothemes
says:
I think you missed about using pirated plugins and themes.
Most of WordPress sites are hacked due to use of pirated plugins and themes.
Twitter: com_howtoguide
says:
Yeah you got a point there Pradosh. Thanks for sharing your thoughts.
Peter Lee recently posted..Computer How To Guide is now Page Rank 2
Twitter: webmaisterpro
says:
WordPress is pretty much secured well. And of course there are regular updates. Protecting admin are is a good think, but I doubt that anybody will try that kind of attack on WordPress blog. Most plugins are secured too, I think there is a list of vulnerable plugins on the main website. May be I can add DDoS protection as a good idea especially if the blog is very popular.
Carl recently posted..Do Brides Find You Pinteresting? Does Google??
Twitter: com_howtoguide
says:
We wouldn’t know if there would be attack or not on WP blogs, better be safe than sorry. The tips that I’ve mentioned in the post are some simple steps that one could take to make his/her blog more secured. There’s no such thing in the world as “guarantee secured” anyway. Thanks for the comment Carl.
Peter Lee recently posted..The scoop on Windows Kinect
Twitter: webmaisterpro
says:
I absolutely agree with you, it is better to be prepared. I think your guide is very good, probably one think that it is critical and missing is regular back up.
Carl recently posted..Moving Check Lists Will Assure You Are On Task And On Budget
Twitter: bsbhupendra771
says:
Apply limited login to secure your website for hacking and try to best plugin like BulletProof Security.by doing this we definitely secure our wordpress website.
Bhupendra recently posted..Make Money Selling Photos Online
Twitter: com_howtoguide
says:
That’s right. Not only BulletProof Security, there’re many more of these plugins that could help in protecting a WP blog. Thanks for dropping by Bhupendra.
Peter Lee recently posted..Does Email Have A Place In Modern Computing?
Twitter: JanusNg
says:
I’m aware of upgrading WordPress and plugins and limiting the amount of plugins. Thanks for sharing the other useful tips Peter
Janus recently posted..The Best 17 WordPress Plugins For Your Website In 2012
Twitter: com_howtoguide
says:
You’re welcome Janus. I’m glad to see you here
Thanks for commenting.
Peter Lee recently posted..How I Increase My 400 Twitter Followers By 3 Times
Twitter: com_howtoguide
says:
You’re welcome… errr…, what ever your name is
Peter Lee recently posted..Why Having Only One Antivirus Product Isn’t Enough Anymore
These are great security tips, Peter. Thank you so much for reminding all of us that we must take security seriously. We certainly do not want all of our hard work go down the drain because of a virus or hacker attack.
Jasmine recently posted..Best Forum Hosting
Twitter: com_howtoguide
says:
Absolutely Jasmine! Thanks for reading.
Peter Lee recently posted..The Web Is Transforming The Holiday Industry
Twitter: koundeenya
says:
I have a query ? If we use any nulled versions of themes or plugins ? Does it become easy for hackers ?????
Twitter: com_howtoguide
says:
I wouldn’t say that. I would rather say it is best or highly recommended that you use themes and plugins that are approved by WP (especially the plugins). Some reputable premium themes are also preferred. But then again, there’s no such thing in the world as “guarantee secured”. Using premium themes and WP approved plugins doesn’t mean that you’re 100% safe either. Use your common sense, practise the tips mentioned in the article and stay protected. Thanks for bringing up the question Koundeenya.
Peter Lee recently posted..10 Ways to Protect Personal Information Online
Twitter: com_howtoguide
says:
You’re welcome Harriet. Thanks for dropping by.
Peter Lee recently posted..How Social Networking Can Help Your Brand
Twitter: ajme007
says:
Its really important for every site. VPS hosting server is good working.
It i still amazing that some people do not take the issue of security seriously. A 4 year old can understand the idea of safety and protection, but some supposed adults do not have a clue. Thanks for the specific advice.
Twitter: com_howtoguide
says:
You’re welcome! People really need serious education in security.
Peter Lee recently posted..Sites Where You Are Most Likely to Get Hacked
I think it is quite logical to use all the possible ways of security that exist to protect your own blog and I find it very correct and I am trying to do the same as much as I can. Thanks for the tips.
Twitter: com_howtoguide
says:
You’re welcome DiNaRa. As prevention is better than cure, taking all the necessary steps to protect our sites will certainly reduce the risk of our sites’ security being compromised.
Peter Lee recently posted..What To Look For In An Affiliate Program
Interesting write-up. Never really thought about securing my blog! Thanks for the heads up on being careful with excessive plugins!
Alicia recently posted..Whitelight – Best Portfolio Theme from WooThemes
Twitter: com_howtoguide
says:
Less is more. Excessive plugins not only increased the risk of security, somehow it’ll also slow down your site. Thanks for reading Alicia.
Peter Lee recently posted..5 Tools to Help you Keep Your Laptop and Data Secured
Really these are the 13 points which everyone can use to prevent their blogs.
Some time wordpress security apps breaks your WordPress installation.
So use it very carefully. As One of my blog faced same problem.
That’s all.
Google Play recently posted..Regional Availability of Google Play store
Twitter: com_howtoguide
says:
Hope that didn’t do much damaged on your blog. Thanks for the advice.
Peter Lee recently posted..Why You Should Have A Comment Policy On Your Blog
Twitter: ajacwebdesign
says:
Currently installing the limit login plugin. Even the comment section of this post was useful!
Charles recently posted..The first 3 local SEO steps for your Michigan business after publishing your new website
Twitter: com_howtoguide
says:
I’m glad the article helps Charles. Thanks for dropping by.
Peter Lee recently posted..The New iPad : What We Hoped For and What We Didn’t Get
Twitter: trungpc81
says:
Thanks for the share nice tips to help us learn on how to protect our WP blog. I still did not install any WP security plugins such WP Security Scan and I have to change now.
Twitter: daveattrigpoint
says:
Be very careful where you keep your WordPress passwords as well, certainly not in an e-mail in a Hotmail account, they seem to be constantly being hacked right now and people are then grabbing passwords for anything else you have in there.
Twitter: Amarillindra
says:
Updating plugins is most important one btw using nulled ones make harm to our wordpress
I use login lock,it blocks IP who try to log into my account using brute force method
santosh recently posted..HTC One X Price ,Specs,Features and Review
Twitter: com_howtoguide
says:
That’s great Santosh! I hope it’ll work well for you
Peter Lee recently posted..Is Hacking an Inside Job?
Twitter: iPhoneQuest
says:
Thanks for sharing these tips. Login lockdown really is the best plugin to protect wp-admin as wordpress by itself has no provision for brute forcing.
Ayush Agrawal recently posted..AssistantExtensions – The Ultimate Siri modification tweak
Twitter: com_howtoguide
says:
That’s right Ayush! To well protect our WP blog, we’ll have to find our own defence ourselves! Thanks for dropping by!
Peter Lee recently posted..Why an External Hard Drive is Important to You
A bit concerned about your plugin list is it wise to recommend WordPress plugins that have not been updated for over a year? There are also a few caveats on the WP Security Scan plugin that could trip people up. Really should consider using “WP Login Security” rather than “Login Lockdown.” I would also recommend checking out the Ultimate Security Check and Better WP Security beta.
Twitter: com_howtoguide
says:
Hmm.. my intention was not to really recommend any particular plugins. I was just trying to give a few examples of what “type” of plugins. Anyway, thanks for your concerned and I appreciate your comment Charloth
Peter Lee recently posted..Technology : Are We Too Plugged in to it?
I use login lock-down to protect my blog, how do I hide the WP version from my blog?
Thank you for stopping by and commenting! I hope you enjoy finding new and interesting bloggers here, and make new relationships along the way!
I’ve installed the blog protector and it seems to work only half.When I only select “Deactivate Text Selection And Image Dragging.(Highly Recommended)”, that works. But, when I select both options (so also “Disable Right Click Of Mouse”) the plugin does nothing. right click and selection of text and images is still possible.
Awesome Tips, I am glad that you have shared them here. Now I have an idea on how I could keep my blogs protected.
tamer recently posted..AMAZONDAN PARA KAZANMAK
I hope they don’t start charging, it would mean commenting would become a ‘dark art’ of SEO.