7 Steps to Keep Your WordPress Blog-Site More Secure
WordPress is a great way to build and manage a website. Like any online software though, there are steps you should take to secure your WordPress installation and keep it safe from hackers. Some are common sense for any website (secure website hosting and choosing a secure password) and others are specific to WordPress (such as the plugins recommended below). Here are seven steps to secure your WordPress website.
1) Pick a Good, Reliable, Secure Website Host
Where you choose to host your WordPress website can make a difference in your security. Two important things to look for are server security and backups for restore.
Choose a host who offers you php5 and runs it in suEXEC mode. With suEXEC you are able to lockdown your files more tightly. You can find more technical (very technical) details in Wikipedia.
Also look for a host who offers a reliable backup system and will restore your site for you free in the event of being hacked. Most hosts offer weekly and monthly backups at a minimum. Some hosts also do nightly backups and incremental hourly backups. I’m hosted on a server with monthly, weekly, nightly, and incremental backups. This means that if my site were to be hacked I could easily roll back to what it looked like 3 or 4 hours ago. I wouldn’t loose much, if any, of my content or other files.
2) Use Fantastico to Install Your Blog (or Change Your Admin Username)
If you install yourself with FTP and cPanel, you’ll have a default username of “admin” which is very easy to guess. By using Fantastico, you will be given the choice to pick a username and password that are unique. Plus, it’s easier than an install with FTP and cPanel. Either way, don’t use “admin” for the admin username. And don’t EVER use “password” for your password.
To continue reading this article, click here.
