What’s a blog if it gets hacked every day? We all can agree that security should always be #1 on your list. Let’s examine some security. Here are my 5 security tips for WordPress.
1. Don’t use the Admin account. The Admin account gives hackers an exact account to target. Most all WordPress blogs have them. I suggest setting up users like “1qeufjfuew”. That is taking it to the extreme. Just don’t use the account called “Admin”
2. Don’t allow /wp-* to be indexed. If someone knows your plugins, they could find a weakness in a security plugin. (Just a good practice)
3. Use a long password. The programs that hackers use are called “Brute Forcers”. These “Brute Forcers” will be unable to crack a password longer than 32 characters, because rainbow tables (the tables that these hackers use) do not exist for things longer than 32 characters.
4. Upgrade WordPress when an update is made. Don’t wait because there are almost always security changes made in these updates. Any time between patch updates is time for hackers to use their exploits.
5. Use a plugin called “Login Lockdown”. It locks users out after several logins, and logs all logins so you know what is going on. Vital security tool. I’m amazed WordPress hasn’t adopted this tool themselves.
No blog is unhackable, but making it harder for a hacker will keep them out. Also, keep in mind that larger blogs are the targets with a bullseye on them.
Wordpress security is pretty major for a good wordpress blog. Using longer passwords can potentially help the site stay safe. Good blog post!
3. Use a long password. The programs that hackers use are called “Brute Forcers”. These “Brute Forcers” will be unable to crack a password longer than 32 characters, because rainbow tables (the tables that these hackers use) do not exist for things longer than 32 characters.
Actually, there are a few BFs that can extend past 32 characters. All it requires is a simple file edit.