

16 July 2011


Top 10 Killer Tips to Secure Your WordPress Blogs From Getting Hacked


Nowadays many blogs are hosted on WordPress because of its large number of features, such as plugins, the login system, upgrades, etc. The one thing it lacks is security: WordPress offers few security enhancements, and there is a possibility of getting hacked. Last night, I was searching on Google to find some cool and useful tips to secure our WordPress blogs to a high level, but the only thing I got was “disappointment”. So today, I am going to explain some killer tips and tricks on the wp-config file, brute force attacks, WordPress plugins, security, and even its version. Have Fun @!

 

1. Upgrade to the latest version of WordPress

Since the latest version of WordPress always comes with fixes for bugs and security vulnerabilities, it is important to keep your installation updated at all times. Currently the newest version is 3.2.

2. Use Strong Passwords

Make sure you use a strong password for your login, one that is difficult for others to guess. Build your password from a combination of digits, special characters and upper/lower case letters.

3. Back up Your data Regularly

No matter how secure your WordPress blog is, build a habit of backing up your data regularly for some extra security by installing a plugin named wp-database-backup.

4. Security Scan is a must

Install the wp-security-scan plugin and scan your blog regularly for security loopholes.

5. Use Secret Keys in Your WP-Config File

In WordPress, the wp-config.php file mainly stores the information about your blog's database. This file contains the name, address and password of the MySQL database that stores all of your user info, blog posts and other important content.

Using a secret key, you can make it even more difficult for someone to gain access to your account.

6. Always remove your WordPress Version info

According to Matt Cutts' presentation, remove the tag in your header.php that displays the current version of your WordPress blog. It’s:

<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />

Or, you can just modify it so that the version number isn’t displayed, to something like

<meta name="generator" content="Powered by WordPress" />

7. Encrypt your Login

Whenever you log in to your website, your password is sent unencrypted. If you are on a public network, a hacker can easily ‘sniff’ out your login credentials using a network sniffer. The best way to prevent this is to encrypt your login with the Chap Secure Login plugin. This plugin adds a random hash to your password and authenticates your login with the CHAP protocol. You can also use the AskApache Password Protect plugin, which adds a second layer of security to your blog by requiring a username and password to access anything in the /wp-admin/ folder.

8. Protect your wp-admin folder

You can add a .htaccess file to your wp-admin folder that restricts access by blocking all IP addresses except the one you use. Note: place this file in the wp-admin folder only, not in the root directory of your WordPress blog.

order deny,allow
deny from all
allow from 255.168.088.59

Change 255.168.088.59 to the IP address from which you do your blogging.

9. Install Login Lockdown plugin to Stop Brute Force Attacks

If a hacker tries to crack your login password with a brute force attack, the attempt will fail once you install a plugin called Login Lockdown, which disables the login function after some bad attempts from the same IP address.

10. Hiding your Plugins

Again, from Matt Cutts' point of view: put a blank index.html file in your /wp-content/plugins/ directory to hide the plugins you use from others. By default, anyone can view the contents of this folder, so everyone knows which plugins you have installed.
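
A small audit script for tips 5, 6, 8 and 10 above, added here as an example and not part of the original post: it reports which of those settings are still missing from a WordPress directory. The key names and the placeholder phrase are the ones found in WordPress's wp-config-sample.php; the sample tree, the theme name demo and the address 192.0.2.10 are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit a WordPress tree against tips 5, 6, 8 and 10.
# Prints one finding per line; prints nothing when every check passes.
audit_wp() {
    root=$1
    # Tip 5: each secret key must be defined and must not be the sample text.
    for key in AUTH_KEY SECURE_AUTH_KEY LOGGED_IN_KEY NONCE_KEY; do
        line=$(grep -E "define\( *['\"]$key['\"]" "$root/wp-config.php" 2>/dev/null || true)
        if [ -z "$line" ]; then
            echo "tip5: $key is not defined in wp-config.php"
        elif printf '%s\n' "$line" | grep -q 'put your unique phrase here'; then
            echo "tip5: $key still has the sample placeholder value"
        fi
    done
    # Tip 6: no theme header.php should print the version number.
    hits=$(find "$root/wp-content/themes" -name header.php \
        -exec grep -lE "bloginfo\( *['\"]version['\"]" {} + 2>/dev/null || true)
    if [ -n "$hits" ]; then echo "tip6: a theme header.php prints the version"; fi
    # Tip 8: wp-admin needs its own .htaccess that denies by default.
    grep -qiE '^[[:space:]]*deny[[:space:]]+from[[:space:]]+all' \
        "$root/wp-admin/.htaccess" 2>/dev/null ||
        echo "tip8: wp-admin/.htaccess is missing or lacks 'deny from all'"
    # Tip 10: a blank index.html hides the plugin directory listing.
    [ -f "$root/wp-content/plugins/index.html" ] ||
        echo "tip10: wp-content/plugins/index.html is missing"
}

# Constructed sample tree (not a real site) that violates tips 5, 6 and 10.
make_sample_site() {
    mkdir -p "$1/wp-admin" "$1/wp-content/plugins" "$1/wp-content/themes/demo"
    cat > "$1/wp-config.php" <<'EOF'
<?php
define('AUTH_KEY',        'put your unique phrase here');
define('SECURE_AUTH_KEY', 'constructed-sample-value-1');
define('LOGGED_IN_KEY',   'constructed-sample-value-2');
EOF
    cat > "$1/wp-content/themes/demo/header.php" <<'EOF'
<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />
EOF
    printf 'order deny,allow\ndeny from all\nallow from 192.0.2.10\n' \
        > "$1/wp-admin/.htaccess"
}

# With a path argument, audit that tree; without one, audit the sample.
if [ -n "${1:-}" ]; then
    audit_wp "$1"
else
    demo=$(mktemp -d) && make_sample_site "$demo" && audit_wp "$demo"
    rm -rf "$demo"
fi
```

Run it with the path to your WordPress directory as the only argument; an empty result means all four checks passed.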

Done !

Regards
karan chauhan

 
