Protecting and securing your Wordpress website

WordPress has always been targeted by hackers because of its known vulnerabilities. These vulnerabilities does not limit only to Wordpress core files but, most of the times, are the outdated plugins and themes. Securing your WordPress website takes time and should be done in a recurring process. Here are the steps you should take to protect your Wordpress.

1. Remove vulnerable WordPress Plugins

Remove Wordpress Plugins that is currently vulnerable from your website. Visit WPScan Vulnerability Database (https://wpvulndb.com/plugins) for the list of vulnerable plugins and ensure you do have it installed.

2. Install Wordfence

This plugin, available for FREE in WordPress plugin store, is a highly recommended security plugin for your WordPress site to help you secure your website. It offers multiple features such as scanning integrity of your Wordpress core files, and as well as for malware vulnerable themes, plugins, etc. NOTE AND READ: Since this is a wordpress plugin, make sure you always update it.

3. Rename your wp-login.php

Another great plugin called Rename wp-login.php works to easily rename your wp-login.php which is highly targeted by spammers and hackers trying to get in to your Wordpress. This plugin will rename your wp-login.php so you only you will know where to access admin dashboard. However, if you are using the WP comment system, the point of hiding the login page will make no sense because your commenters will have to login in order to comment. Thankfully, Shrewdies wrote a detailed guide to help us fix that.

4. Scan your website

After all the hard-work, you want to make sure your webesite is really secured. Sucuri SiteCheck provides remote scanning and will report to you if your website is free from malware, and other security flaws.

5. Install Sucuri Security

And follow this in-depth guide for complete steps on how to maximize their free tier and secure your Wordpress.


5. Stay up to date

Know the latest plugin vulnerability. Subscribe to Sucuri's blog. Being the security firm that we trust, Sucuri's blog are the most up-to-date when it comes to reporting vulnerabilities simply because... it is their business.

Hopefully these articles will help your secure your Wordpress website. Stay secure so you can operate at peace.
  • Email, SSL
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How To Clear Your DNS Cache (Windows/MacOS)

How To Clear Your DNS Cache (Windows/MacOS) Your DNS cache stores the locations (IP addresses)...

How do I update my compromised website's status on Google search results?

How do I update my compromised website's status on Google search results? Google listed all...

My Wordpress site has been hacked. What do I do now?

The Exploit Scanner plugin can help detect damage so that it can be cleaned up. Other things you...

cPanel/WHM Error: "Your IP address has changed. Please log in again."

cPanel/WHM Error: "Your IP address has changed. Please log in again." This usually happens if...

Securing your Wordpress with Free Sucuri Security plugin

Securing your Wordpress with Free Sucuri Security plugin Installing the plugin is easy, just...