You don’t want your brand-new website to get hacked!
And, because WordPress powers around 30% of the internet, there are tens of thousands (if not millions) of hackers attempting to break into WordPress sites on a daily basis.
As a result, you must ensure that your seals are tight and your WordPress site is secure.
This means a couple of things:
Use unique usernames and passwords
The username “Admin” is the default for the first user created in all WordPress installations.
You should definitely modify this by creating a new Administrator account with a distinct name and password.
Because a hacker can get or guess your password in a variety of ways but not your username.
If that’s the case, and you’re still using the “admin” username, they’ve already solved part of the login puzzle.
It will be more difficult for them to access your WordPress account if your username is something ridiculous like “donthackmebro69.”
Unless you use the same login on other sites (in which case you probably shouldn’t).
“Unique password” entails all of the normal requirements: digits, capital characters, and symbols; the longer the better.
Restrict access to your WordPress admin area
This one is a little more complicated, but it’s a good idea once you’ve gotten used to editing website files on your web host’s server.
By going to “[yourdomain].com/wp-admin,” you can access your WordPress dashboard, which allows you to alter pretty much anything on your site.
It is possible to limit access to that page on your website to users from specific machines!
To do so, go to whatsmyip.com and look for your home IP address.
Then, in your WordPress folder’s.htaccess file, replace “xx.xxx.xxx.xxx” with your IP address, and add the following code.
Deny from all
Allow from xx.xxx.xxx.xxx
You can easily replace the “Allow from xx.xxx.xxx.xxx” line with different IP addresses if you need access from numerous computers (either for yourself or for individuals you work with).
However, all of this may be a little too convenient and technical.
As an alternative, you can use the following command to limit the number of login attempts:
WordPress security plugins
There are a lot of security plugins that have different functionality, but in general, these are going to offer a few things:
- Active security monitoring (to check for hacks in real-time)
- Notifications for when a security threat is detected (so you can secure your site fast)
- Malware scanning (to check for malicious code)
- File scanning (to make sure nothing gets infected)
- Blacklist monitoring (to protect your site from visits by people at IP addresses known to be used for hacking)
- Post-hack help (to recover your site if it gets hacked)
- Firewalls (to limit access to your website’s files)
- Brute force attack protection (aka “limiting login attempts”
Table of Contents
- The first step is to obtain a domain name and web hosting.
- Step 2: Installing WordPress
- Step 3: Using WordPress to Login
- Step 4: How to Use the WordPress Admin Panel
- Step 5: Putting WordPress Themes Into Place
- Step 6: How to Install WordPress Plugins
- Step 7: How to Change the Look and Feel of Your WordPress Theme
- Step 8: Adding Pages to WordPress
- Step 9: How to make a WordPress blog post
- Step 10: Creating WordPress Menus
- Step 11: Putting Your WordPress Site Online
- Step 12: How to speed up WordPress
- Step 13: Enable gzip compression for WordPress
- Step 14: How to Make Your WordPress Site More Secure
- Step 15: How to update your WordPress site
- Step 16: How do you backup your WordPress site
- Website tips and tricks for WordPress
- Now that you can build your own personal website