Secure Your WordPress Blog

WordPress is one of the most popular platforms in the world. If you're reading this, chances are you've heard of all of the insecurities your default WordPress installation has. Luckily for you, there are many tools and a few tricks to help make sure that your WordPress installation is as secure as it possibly can be.

WordPress Security

1. Make Sure WordPress Is Up to Date

One of the main problems people have with keeping their WordPress installation secure is updating. Follow these steps:
  1. Find the "Update" link under the "Dashboard tab" as shown below and click it.
  2. WordPress Dashboard
  3. Once you're in the Updates menu, you will be prompted to update your installation if needed, or to redownload it if it's already up to date (as seen below).
  4. WordPress Update Security

2. Ensure Your Host Is Running the Latest Version of PHP

It should go without saying. If your host is running an old, insecure, version of PHP, nothing you do will help you. Any good website hosting company will be more than happy to tell you what version of PHP your server is running if you open a ticket with them.

3. Use a Blank HTML File to Hide Plugins

Hackers can use knowledge of your plugins to find vulnerabilities in your WordPress installation. Simply place a blank html file (a text file with the extension *.html that has nothing in it) into your /wp-content/plugins directory to make sure that they can't look up your plugins.

4. Block Access To Your wp-config.php

Simply put, you do not want someone to have access to your wp-config. It has your table prefixes, database login information, and more. If you forget to protect it, you're going to pay for it - dearly. The wp-config file is located in the root directory of your WordPress installation and is the holy grail of hacker information diving. So simply place:
<Files wp-config.php>
    Order Allow,Deny
    Deny from all
</Files>
in your ".htaccess" file to tell Apache to make sure they don't get access to it. This will prevent any sort of unwanted access to your wp-config file. The ".htaccess" file is extremely important to the security of your WordPress installation (and your server as a whole). It would be wise to learn how to use it.

So there you have it. 4 extremely simple ways to get you started on your way to securing your WordPress installation. As WordPress is getting more and more popular by the day, hackers are becoming more and more vigilant at spotting exploitable holes in WordPress versions and then automating the task. Don't allow yourself to become a victim.

Author About

Akhilesh Sharma maintains and writes Tweak And Trick. He is a technology enthusiast and a science student.
You can contact him at tweakandtrick@gmail.com.

read more >>
Featured Posts