There is nothing is worse than finding out your website has been hacked. Here are a few easy steps that you can take to make your WordPress site more secure.
1 Use your email address as your username
The reason is quite obvious; Usernames are a lot easier to predict than email IDs.
Several security plugins allow you to set up login pages so that all users must use their email addresses to log in. If in the end you choose to use a username, just don’t use ‘Admin’.
2 Choose a unique password and adjust it regularly
I sincerely hope that by now nobody is using the same password for all their online accounts.
I strongly recommend using an app like 1Password or LastPass to generate and store unique, impossible-to-guess passwords.
3 Rename your login URL
It is a little too easy for someone to check out your-domain.com/wp-admin and have a go at it. Another easy step to take is to change the default login URL to a custom one.
I like to use the WPS Hide Login plugin for this; set it up in seconds and never second guess it again.
4 Change the WordPress database table prefix
If you’ve ever set up a WordPress website before you are probably familiar with the wp- table prefix.
Using the default prefix makes your site database prone to SQL injection attacks.
The next time you set up a website choose something unique, like mywp- or wp[yourinitials]- instead.
If you’ve already set up your website you can still change it using the WB DB Manager plugin. Just make sure you backup your site first!
5 Make regular backups to secure your WordPress website
Make sure you regularly update your website, this way you can always revert back to an earlier version.
I’ve used Back WP Up for years to automatically back up websites on an hourly, daily or weekly basis depending on your needs. This plugin has it all; one-click database backup, set automatic backups, connect to FTP, Dropbox etc.
6 Update your theme and plugins regularly
Themes and plugins are essential for your WordPress website but they can also pose serious security threats.
Hackers can’t exploit bugs that have already been fixed by making sure your theme and plugins are always up to date, so this is an essential step in keeping your site secure.