9 Proven Ways To Keep WordPress Site Secure
If you want to make your WordPress site secure, you must know how to make WordPress site secure. WordPress security issue is a major concern for every website owner, who run their website on WordPress. Today I have a plan to discuss How to make WordPress site secure from hacking.
Actually, there is no way that will provide you hundred percent security. But, do not worry about it. There are thousands of WordPress developer, who working day to night to make your smile brighter by enhancing WordPress security. But if you want to reduce the probability of hacking of your site, you have to do some cool things or the best WordPress security plugin to keep secure. And, here I will discuss those things step by step.
You can also read my another post: 11 Quick Ways To Speed Up WordPress Site And Security!
9 Ways to Make WordPress Site Secure
Now see some important points to make your WordPress site secure.
1. Update WordPress
This is the most important things you must do if you want to secure your site from vulnerable attacks. WordPress officially release an update on a regular basis. In every release, you should update your WordPress core system. It will make your site more stable and secure also.
2. Backup Regularly
I will suggest you backup your site on a regular basis. It will help you to restore your data if your site is hacked or damaged. You can use backup plugins to make a backup of your WordPress site. My personal favorite backup plugin is UpdraftPlus, this plugin is really cool and easy to use. This plugin offers you to export your data in cloud services like Dropbox, Google Drive, Onedrive, Amazon S3, Box and your FTP server. You can also use Duplicator, VaultPress and WP Migrate DB, all these plugins are really helpful to make a backup. But If you want to use the premium plugin for getting more support then Backup My WP to Dropbox is the best.
3. Enable SSL
SSL means secure sockets layer. This layer protects your user information by encrypts the data. It’s work as a secure tunnel where all user data remain safe. All SSL enable sites to address to start with HTTPS instead of HTTP, so it also makes your site more trusted to the visitors. Not only this it also affects on Google ranking. Google offers more priority to SSL certified website. To enable SSL on your site it will make you some cost. Some web hosting providers like Siteground provide free SSL certificate with hosting plan. You can buy SSL from Namecheap at the lowest price at only $9/year.
4. Secure wp-config.php file
This file contains very important data like username, password. So, you have to lock down the default location of this file.
To lock the access of wp-config.php file you just use the code I provide below. Use it on the top of .htaccess file.
deny from all
This above code will deny the unauthorized access of the wp-config file. So, don’t forget to use it. If you want more security you can move this config file to a folder above your WordPress installation.This will make inaccessible this file from the browser.
Do you want to customize your theme? I am offering to you customize the free or premium theme as you like at only $5. Check out my Fiverr gig.
5. Hide the version number of WordPress
The old version of WordPress contains vulnerable issues. So, the people who are familiar with those versions and issues he/she can harm your site easily. For this reason, It will be better if you hide the WordPress version.
Here I provide some code that will help you to hide your version.
Add this code on function.php file. And, also remove readme.html file that contains the version number. If you remove it, it will make your WordPress site more secure. Here is the step by step guide How to Remove WordPress Version to Protect Site from Hackers?
6. Disable PHP error reporting
Hacker can get your server path from PHP error report because it shows the error code with file location. So, If you want more security, stop the error reporting.To stop it add some code to wp-config.php file. The code is here.
@ini_set (‘display_errors’, 0);
7. Update Themes
Themes are the most important part of a professional WordPress site in other words WordPress site mostly depends on its theme. And for this reason, most of the hacking took place from themes. Hackers sometimes share popular themes free but if you think so you will make mistakes, they put their hidden code on those themes and share it with others. If someone uses those free themes, this website will be hacked by the hackers. So, always try to use premium WordPress theme and buy it from the trusted marketplace. And update your themes when themes developer releases an update.
- Schema The Best SEO Optimized WordPress Theme For Blogger & Affiliate Marketer
- HappyThemes Review: A New Stunning WordPress Themes Store
- 7 Amazon Affiliate WordPress Themes That May Change Your Perspective
- 5 Awesome WordPress Themes For Photographers.
8. Plugin issues
Plugins are handy tools of customising WordPress site. We cannot think a single website without plugins but sometimes vulnerable plugin issues cause a great damage to the website. So, to avoid this issue, always try to use trusted plugins, and remove all unnecessary plugins from your directory. Here is the collection of 10 Best WordPress Security Plugins For All WP Security Solution
9. Use Strong password
Always choose a strong password with the combination of Capital letters, small letters, symbols, numbers etc. And obviously, use a long password. Don’t use your name, your birthday, marriage anniversary date or something like that are guessable. Just avoid those type of password and use a strong and long password. You can use Strong password generator tool.
Bouns For You:
These are the major steps, I think it will show you how to make your WordPress site secure. If you follow this instruction and do the work properly your site will remain safe from the hacker.