1. Update!
Most of the common hacks/injections happen because of outdated WP or plugin. WordPress has a very strong community and as soon as a vulnerability is detected, it gets plugged.
2. Delete the ‘admin’ account – Make it harder for the hackers!
WordPress lets you give administrator access to other user accounts. So, instead of using ‘admin’ username use some other unique username.
3. Check your file and folder permissions
File permissions set to 777 or 755.
4. Hide your wp-config.php
This is another file which is most vulnerable to attacks and by default will be located at your_host/wordpress/wp-config.php. You can move it to the root directory i.e your_host/wp-config.php because WordPress automatically checks the root directory for this file if it doesn’t find it at the default location.
5. Use trusted sources for themes and plugins
Beware of pirated themes and plugins, they usually contain malware or spam bots which at best will hamper your site performance.
6. Connect to your server securely
Use sFTP or SSH instead of FTP. Use SSL whenever possible. HTTPS is most preferred and secure way of transacting online.
0 comments:
Post a Comment