Saturday , 24 February 2018
Home » WP Guides » WordPress Security Tips, How-To Avoid Being Hacked

WordPress Security Tips, How-To Avoid Being Hacked

The use of wordpress is a very popular platform on the internet today. But, for business owners who want to keep their site safe, taking the proper precautions, and following the right wordpress security tips, is something that has to be done. Since your wordpress site is open source, if not properly protected, and if you do not take the right precautions as a business owner, it can lead to your site being hacked in to, and information getting in to the wrong hands, of those who are not internal to your company’s operations.

One of the main wordpress security tips to consider when setting up the wordpress site is not to use an admin username. Especially with the latest version 3.0, users can change the admin username setting into any username they want to choose. This is one of the easiest methods of blocking hackers, as this is the most common mode of entry they will try to use (using the admin username to simply log on and try to get the password) to try and hack in to the company’s internal information. By changing the username, this gives one more hurdle for hackers to jump, as they are now required to find out what the username is, as well as cracking the password.

Another tip to consider is installing the Log In Pluggin. By doing so, the plugin is it going to block the hacker from being able to use the dictionary or brute attack force, in order to try and hack in to your system. This plugin is going to time stamp the IP address each time an attempted login fail takes place. If more than a few attempts are made incorrectly from the IP address, within minute periods of time, it will block the hacker from ever being able to get in to the system you are running. The most current plugin allows for 3 incorrect password attempts, within a 5 minute time window. So, it gives hackers very few attempts, and only small windows of time to try and figure out the password and username if you have changed it.

When considering the best wordpress security tips to secure your site, company owners should also consider installing the Secure WordPress plugin. This plugin will remove error information on the login pages, it will add index.html to plugin directories, and it will hide wordpress versions, in addition to other adde security features it is going to provide for your system.

Choosing to move your wp-config.php files is also another one of the wordpress security tips to consider, when setting up your wordpress site as a business or company owner. You can easily move this file from the root folder, blocking out potentially important information, and keeping the internal configurations of your business safe. By simply moving the file up, you are going to give your site added security, and protect the root directory, keeping information that a company might want secured, to be protected from those who should not have access to such information about the company.

The option to change default set keys is also something to consider doing, in order to add more security to wordpress which your company is currently running. By copying the 4 generated keys on the wordpress site you are using, this is going to ensure greater security, and will keep your information safe to those who are internal to the company,and it will block out the outside users, and potential hackers, who are trying to view certain information about a particular business.

One of the simplest wordpress security tips, which many companies fail to do, is to constantly download updates when they come out. This is not only going to refresh the system, but is also going to bring along the latest and the most up to date security settings around. This is going to offer one added layer of security, and might bring some new, up to date security features, which were not available in the last form of the wordpress you are running on as a business.

Considering each of these wordpress security tips, and any others which can be found with basic research, business owners are going to keep confidential information secure from potential hackers.


  1. Hm, this article is a little over my head at this time, and it will need some rereading, but I’m interested to know how come you came to HostGator? Is it because it is considered safer? Is there a “safe” host?

  2. Is hiding wordpress version an important security measure ? Could you please name some reliable wordpress security plugins ?

Leave a Reply