{"id":1831,"date":"2012-07-23T02:13:53","date_gmt":"2012-07-23T02:13:53","guid":{"rendered":"http:\/\/www.serverslot.com\/?p=1831"},"modified":"2013-01-23T17:46:15","modified_gmt":"2013-01-23T17:46:15","slug":"how-to-secure-wordpress-to-be-hacked-by-hackers","status":"publish","type":"post","link":"https:\/\/serverslot.com\/hosting-issues\/how-to-secure-wordpress-to-be-hacked-by-hackers\/","title":{"rendered":"How to secure wordpress to be hacked by hackers"},"content":{"rendered":"

That is really a good question to reply\u00a0How to secure wordpress to be hacked by hackers and here i would like to give you a lengthy but up to great extent effective answer.<\/span><\/p>\n

In the world of information technology,we often hear a word HACKER and its threats.<\/span><\/p>\n

What is a HACKER?<\/strong><\/span><\/p>\n

Hacker is a computer expert and GURU who can damage the information,can access your authority<\/span>
\n without your permission for their own satisfaction and sometimes destroying the prestige of<\/span>
\n your business.So if you ever have faced any such situation in your life and now wants to secure<\/span>
\n your WEBSITE\/BLOG more securer then its an article which can help you to know that how can it<\/span>
\n is possible for you.<\/span><\/p>\n

Well, if you think that you can manage your website\/blog easily by yourself and you are good<\/span>
\n for installing themes and plugins,Please read the section below.<\/span><\/p>\n

Security Measurements:<\/strong><\/span><\/h2>\n

Upgradation<\/strong>:<\/span><\/p>\n

Upgrade your WordPress script to latest version when available at WordPress.org when possible.<\/span>
\n it will enhance the protection by 80% because every version of wordpress filled with new<\/span>
\n security features and patches.<\/span>
\n Use another username rather than using ” admin ” as WordPress is an open source application<\/span>
\n and now everyone knows that ” admin ” is the default username of WordPress.It makes too easy<\/span>
\n for hackers to hack your password as the remaining work reduces at 50% as they your username<\/span>
\n already.Avoid using default prefix ” wp_ ” as well.<\/span>
\n Changing your username its not a difficult task.All you have to these small steps:<\/span>
\n 1- Go to phpMyAdmin<\/span>
\n 2- User’s Tables<\/span>
\n 3- Open it and paste the following SQL Commands and run.<\/span><\/p>\n

update wpwins_users set user_login=\u2019helloadmin\u2019 where user_login=\u2019admin\u2019;<\/span><\/p>\n

That’s it your username will be changed as per your desired one.<\/span><\/p>\n

This is an example command which change the prefix to “wpwins” and your WordPress username to<\/span>
\n ” helloadmin “.Both are the values are for example and can be changed by your wish.<\/span><\/p>\n

CHOOSING A PASSWORD:<\/strong><\/span><\/p>\n

Choose a password which is hard to guess and more unique.Changing your username is not a<\/span>
\n guarantee that you are safe from hackers 100% and the others cannot crack into your security.<\/span>
\n Choose a password with upper case letters,lower case letters and also characters and numbers.<\/span><\/p>\n

CORRECTING FILE PERMISSIONS:<\/strong><\/span><\/p>\n

Hackers can easily crack your security if you don’t set correct permission for your files and<\/span>
\n folders.Use always 0755 permission for your every folder and 0644 for your files.If you want<\/span>
\n to edit a file in the WordPress Theme Editor then the permission will be 0666.<\/span>
\n Don’t set permission as 0777 as it allows the Hackers access.<\/span><\/p>\n

Editing with WordPress Keys:<\/strong><\/span><\/p>\n

WordPress scripts have some security keys which are normally same in all updates and releases.<\/span>
\n No one trying to change these keys and some of us are unaware of it.So we did’nt notice to<\/span>
\n change these keys.But you have to change these keys in the file wp-config.php to make a secure<\/span>
\n database information.<\/span>
\n Use the following link to generate new security keys, every time you open this URL,you have<\/span>
\n new keys there:<\/span><\/p>\n

https:\/\/api.wordpress.org\/secret-key\/1.1\/<\/span><\/p>\n

You can edit your wp-config and change your security keys as listed below:<\/span><\/p>\n

define(\u2018AUTH_KEY\u2019, \u2018your unique value goes here\u2019);<\/span>
\n define(\u2018SECURE_AUTH_KEY\u2019, \u2018your unique value goes here\u2019);<\/span>
\n define(\u2018LOGGED_IN_KEY\u2019, \u2018your unique value goes here\u2019);<\/span>
\n define(\u2018NONCE_KEY\u2019, \u2018your unique value goes here\u2019);<\/span><\/p>\n

Secure Directory Listing:<\/strong><\/span><\/p>\n

WordPress is an open source application so anyone can know the structure of your files\/folders<\/span>
\n including hackers inside your hosting.They can gain access to your directories\/files because<\/span>
\n normally all the browsers show the directory structureof your script.To solve this issue,Put<\/span>
\n a blank index.php file in each directory where index file is not placed by default.<\/span><\/p>\n

Keep an updated Backup:<\/strong><\/span><\/p>\n

All the above steps can bring a peaceful state of your mind but keep in mind that security is<\/span>
\n always for break so there’s a best suggestion for you all that take periodic backup of your<\/span>
\n database and files and never trust completely on your security bars.There’s no one can claim of<\/span>
\n having 100% secure WordPress\/Blog website.<\/span>
\n Keep regular backup of your Blog.If anything goes wrong due to successfull hacking you will<\/span>
\n be able to recover the actual image of your website\/blog.<\/span><\/p>\n

Plugins Installation:<\/strong><\/span><\/p>\n

If you are new to WordPress then don’t be so worry about this.We are always there for you to<\/span>
\n help you out.You may ask us or any other people who are familiar with WordPress organizing<\/span>
\n to implement all the above mentioned steps for security purposes just to make it even more<\/span>
\n securer.So perform every step with caution and carefully.Install these plugins steps given<\/span>
\n below immediately for WordPress better security and safety.<\/span><\/p>\n

1- WordPress Security Virus Scanning:<\/strong><\/span><\/p>\n

Install this plugin to know that whether all the securities related to your Website\/Blog<\/span>
\n have been implemented correctly?It provides you a detail information that which security is<\/span>
\n implemented and which is working correctly.<\/span><\/p>\n

2- Hidden URL:<\/strong><\/span><\/p>\n

Install this plugin to hide your URL Login.You can choose URL login as your desired one e.g.<\/span>
\n (www.domain-name.com\/abc) instead of (www.domain-name.com\/wp-admin) will be same directs you<\/span>
\n to website’s main\/homepage.<\/span><\/p>\n

3- Block failed login Attempts:<\/strong><\/span><\/p>\n

This plugin will help you out to block unwanted\/fake login attempts to wordpress login page,<\/span>
\n This plugin will block the IP’s of the failed login attempts made by any Hacker.<\/span><\/p>\n