Hello All! Welcome to my Office. My name’s John Daimary. Picture below will show you the actual face of Websites. My site has just been around 15 days in total! As you can see, I’m having almost “1,200 Malicious Login Attempts” Already! Man that’s Crazy. I’m already starting to feel very scared about this. So i figured out a way to actually secure my blog from hackers.. Not completely but at least so that I can feel safe. While i did this, I also thought of sharing my tips with you guyz. So these are really very basic yet effective tips to prevent hacks. So let’s get started on How to secure your WordPress blog.
1. Limit login attempts
So after a long research. I found that, those malicious login attempts are not made by Humans! They are done by “Bots”. Also Known As NetBots. These are just software like, which is totally automated. So they keep trying to enter your account by entering Different, Different Passwords at a given time.. But who knows, that this Attempts are made only by Bots? So i would strongly recommend you to “Limit Your Login Attempts”. Use this Plugin “Loginizer”. Just do a little bit of settings and off you go. So if you choose your maximum to be 1, then you will get only 1 chance to enter your credentials correctly. If done wrong, Your account will be “Locked” according to the settings you’ve made.
2. Choose a strong password
Try not to use only Names and or Numbers as your password. Try mixing it up by using Uppercase Letters, Numbers , Special characters etc. This will not only make it difficult for Bots but also for You too. You can give it a try. Just visit your admin area, under profile section – Click “Generate Password” for a perfect hint.
3. Change admin URL
I haven’t really tried this. Mainly because I wasn’t sure if my host “Bluehost” would accept this change. Mine is still /wp-admin hehe. So bot’s know this, You know this. Now you can try entering my Account. LOL
4. Change admin username
Now I really knew about this. By default , One’s WP Username is set to “Admin”. All know about this. And You cannot change your username once WP is installed.!
So on my journey of Installing WP on my Domain, I quickly changed the username. Now I can stay “Peace Of Mind”. And Yeah, don’t forget this. By default WP displays your username everywhere. Including Comments, Follows and even on the Author Section. Make sure you change that too.
Try these methods to prevent hacks. ?These are all free to practice. And if you have a bunch of cash in your wallet. Don’t forget to purchase additional security from Bluehost, Such as Sitelock Security, and a backup system like the Codeguard.
Here is the inner view of my blog after just 3 months. Have a look