If we’re honest, sometimes we all get a little complacent on the security front. Even the most security-conscious WordPress user re-uses a password, or occasionally writes it down on a note attached to the monitor.
Unfortunately, this latest round of WordPress hacking incidents shows us that the dark world of hackers still exists, and it’s always best to play it safe in terms of securing your WordPress site. Below are 5 easy tips for tightening up your WordPress website security
1. Change your Database Prefix
A wordpress website combines a database and files to create a rich, interactive experience. However, this leaves the site vulnerable to database hacking techniques. Use a plugin like the website defender wordpress security plugin to change this default, usually reducing comment spam and foiling a variety of attack types.
2. Remove or rename the default “admin” username (not the admin user!)
The recent WP hacking attacks have shown that the default username “admin” adds a lot of risk of your site being hacked. It’s recommended that you A) create a new username and select “administrator” in that menu, B) logout then log back in as the new username, C) go to ‘users’ then delete the “admin” account.
NOTE : Always keep one administrator-level user on your site at all time, or you’ll lose access to the site’s back-end administration menu.
3. Use strong passwords
Instead of easily-guessable passwords like “guest”, “password”, “password123″, use either a brief sentence with punctuation, or a string of random text and numbers (including an unusual character like ‘&’,'%’,'!’ if possible)
4. Don’t share usernames
Never give out your username and password unless you can trust a party 100%. It’s easy to create a new username and password for that friend, relative, or client, but it’s much harder to repair a hacked wordpress site.
5.Use a wordpress security plugin to find and patch security holes
There are a myriad of ways to easily patch up your WordPress websites, but one of the easiest is to let a plugin take the hard coding out of it. The same plugin referenced above, the WordPress security plugin by Website Defender automatically seals up a few issues in the code and the database to further reduce your WP site’s risk.