1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to keep WordPress site protected?

Discussion in 'Link Building' started by palashtd, May 14, 2016.

  1. palashtd

    palashtd Newbie

    Joined:
    May 14, 2016
    Messages:
    10
    Likes Received:
    0
    Gender:
    Male
    Occupation:
    Service
    Location:
    Bangladesh
    Home Page:
    Hi, you know WordPress is the largest CMS(Content Managment System) which is the most usable CMS platform for creating a blog or website. But We don't know how to keep WordPress Site protected. That's why I have written a blog post regarding WordPress site protected.


    But I could not include enough information to my blog post. So If you have any idea about Wordpress security, please reply this question answer. I will try to add your answer in my blog post.
     
  2. Imhan

    Imhan Registered Member

    Joined:
    May 1, 2016
    Messages:
    55
    Likes Received:
    0
    you could use some security plugin
    like all-in-one wp security and firewall
     
  3. hfsyou

    hfsyou Junior Member

    Joined:
    Mar 17, 2014
    Messages:
    128
    Likes Received:
    77
    wp bullet is good too!
     
  4. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,683
    Likes Received:
    2,426
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    OP, look here: https://www.google.com/#q="ways+to+secure+your+wordpress"

    Are you sure, we need another article on that topic?

    Well, coming to think of it, most of the articles in the search results should be called "ways to pseudo secure your wordpress", because with all these tips implemented you'll still get hacked. So if you intend to mention words like "firewall", "nginx", "ssl", "fail2ban" in your article you'll definitely stand out among the competitors. :)
     
  5. wayne fenton

    wayne fenton Junior Member

    Joined:
    Sep 29, 2015
    Messages:
    127
    Likes Received:
    15
    Gender:
    Male
    Occupation:
    Affiliate Marketer
    Location:
    Czech Republic
    You can install word press login secure plugins
     
  6. thespecialist1337

    thespecialist1337 Registered Member

    Joined:
    Oct 24, 2015
    Messages:
    50
    Likes Received:
    3
    wordfence is best
     
  7. SirLemon

    SirLemon Newbie

    Joined:
    Sep 1, 2015
    Messages:
    25
    Likes Received:
    2
    Just change your .hta file path and wp-config path.
     
  8. iwebsocial

    iwebsocial Junior Member

    Joined:
    May 31, 2014
    Messages:
    178
    Likes Received:
    25
    Gender:
    Male
    Occupation:
    Blogger
    Location:
    India
    Home Page:
    A security plugin is very necessary to run a WordPress site. However there are some additional work which you can do to minimize the risk. For example Don't use admin as your WordPress username. Change the WP-admin URL, Watermark your images, Disable the right click option, Choose complex passwords and change them frequently. Always update your WordPress, also update your themes and plugins to prevent any security vulnerability. Hope this will help you.
     
  9. RuthSam

    RuthSam Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 19, 2010
    Messages:
    3,813
    Likes Received:
    976
    Gender:
    Male
    Home Page:
    Search BHW and Google for securing WordPress. You can post a link to your website at the Warrier forum they badly need it over there, you can be a millionair tomorrow if you hurry.
     
  10. redarrow

    redarrow Elite Member

    Joined:
    Apr 1, 2013
    Messages:
    5,164
    Likes Received:
    1,171
    You can get a plugin that protects the sign in page of wordpress , it ask for image match before allowing you to login.

    This stops people/bots trying to force your username and password .

    But you need to think of a proper username and password to redurce risks

    I suggest the way microsoft show users how to set a password is best pratice.
     
  11. TRUE Media Partner

    TRUE Media Partner Registered Member

    Joined:
    Dec 29, 2013
    Messages:
    72
    Likes Received:
    10
    Home Page:
    There are a lot of security plugins for WP.
    Or you can manually set password on system folders and change default service urls via .htaccess.
    For example:
    Code:
    # BEGIN Hide console URL
    <IfModulemod_rewrite.c>
    RewriteEngineOn
    
    RewriteRule^custom_admin_url/?$/wp-login.php?your_secret_key[R,L]
    
    RewriteCond%{HTTP_COOKIE}!^.*wordpress_logged_in_.*$
    RewriteRule^custom_admin_url/?$/wp-login.php?your_secret_key&redirect_to=/wp-admin/[R,L]
    
    RewriteRule^custom_admin_url/?$/wp-admin/?your_secret_key[R,L]
    
    RewriteCond%{SCRIPT_FILENAME}!^(.*)admin-ajax\.php
    RewriteCond%{HTTP_REFERER}!^(.*)yoursite.c.o.m/wp-admin
    RewriteCond%{HTTP_REFERER}!^(.*)yoursite.c.o.m/wp-login\.php
    RewriteCond%{HTTP_REFERER}!^(.*)yoursite.c.o.m/custom_admin_url
    RewriteCond%{QUERY_STRING}!^your_secret_key
    RewriteCond%{QUERY_STRING}!^action=logout
    RewriteCond%{QUERY_STRING}!^action=rp
    RewriteCond%{QUERY_STRING}!^action=postpass
    RewriteCond%{HTTP_COOKIE}!^.*wordpress_logged_in_.*$
    RewriteRule^.*wp-admin/?|^.*wp-login\.php/not_found[R,L]
    
    RewriteCond%{QUERY_STRING}^loggedout=true
    RewriteRule^.*$/wp-login.php?your_secret_key[R,L]
    </IfModule>
    # END Hide console URL
    Where
    custom_admin_url - new admin panel url
    yoursite.c.o.m - your site domain (without http)
    your_secret_key - secret key (like password, "sd782kjds")

    After applying all changes the new admin panel url will be "yoursite.c.o.m/custom_admin_url"
     
  12. kiyuri

    kiyuri Newbie

    Joined:
    Apr 12, 2016
    Messages:
    14
    Likes Received:
    0
    I recommend Shield (IThemes security). Wordfence has failed me (not to mention a big performance hog either -.-). It has the basic login protection, firewall, wp core file scanner, yada yada

    Yep.....that's painfully true for the pseudo part
     
  13. MrPRinson

    MrPRinson Registered Member

    Joined:
    Jul 14, 2016
    Messages:
    57
    Likes Received:
    4
    There are all kind of security plugins, I'm currently using Hide my WordPress plugin.
    but I'm sure that there are better