• Learn how to Run Mac Snow-Leopard on Ubuntu using Oracle Sun Virtual-box
  • Are you a Turbo C++ addict/? Learn how to emulate Turbo c++ with Dos-box in a few steps.
  • Ubuntu's purple love-- A Clean and minimalistic wallpaper for your Desktop.

How to protect WordPress Blog ?

WordPress  is most popular and extensively preferred blogging software all over world. Once your site is getting popular, intruders will always try to break your protection.

So it becomes very essential for you to take necessary steps before your word press blog got hacked/compromised as you all know "Precaution Is Always Better Than Cure.."

Always Update:

WordPress upgrade became easy now. If you are using old version of WordPress, you can use WordPress Automatic Upgrade plugins and update it to the latest version.

Rename wp-admin to any other folder:

You need to replace wp-admin to new-folder-name in few files of wordpress and rename some css files from wp-admin/css/ to new-folder-name.css also wp-admin folder to new-folder-name folder.

Here are few commands to do it.
cd /home/username/public_html (Path wordpress)
find -type f -exec replace 'wp-admin' 'new-folder-name' -- {} \;
cd wp-admin/css
ll | grep wp-admin
mv wp-admin.css new-folder-name.css
mv wp-admin.dev.css new-folder-name.dev.css
mv wp-admin-rtl.css new-folder-name-rtl.css
mv wp-admin-rtl.dev.css new-folder-name.dev.css
cd ../../
mv wp-admin new-folder-name
Now wordpress admin URL should be http:// www. yoursitename .com/new-folder-name instead of http:// www. yoursitename .com/wp-admin with same login details.

Protect Admin Profile:

Create a new user and give it administrator privileges. Once you create new administrator level user delete old "Admin" user's profile. By default "Admin user is automatically created by wordpress while installation.

Use Strong Password:

Please setup password using special characters like (&@$^%_#!~#$) etc. It will make difficult for hackers to crack password. Do not use simple words, your names, number sequence, city, bike name, cell numbers etc. You'll find a lot of strong password generator websites on Google. Also keep this password changing at regular intervals as this will be more safe for you to protect your admin interface.

Protect Your wp-admin Folder:

Add .htaccess file in wp-admin folder and block all IPs address except your own IPs of home/workstation.

deny from all
allow from your home IP
allow from your office IP
Backup Regularly:
Take regular backup of your working database and wordpress contents. Unfortunately if it got hacked then, you can easily restore your site from the latest backup you'll have for it.

Delete WordPress Version:
Hackers are smart enough to crack the wordpress blog even if they came to know the wordpress version. so its always safe to remove your wordpress version. Here you go for it..

Go to Appearance > Editor and choose the Header.php file and delete below code from the source code to hide your WordPress version.
<meta name=”generator” content=”WordPress <?php bloginfo(‘version’); ?>” />
That's it. You're done. Now, your wordpress blog is quite secure and safe than others..


Post a Comment