Categories: Website Hosting

Securing WordPress

This article assumes that you already have WordPress installed on your Website Hosting space. If you do not currently have WordPress installed feel free to follow our installation guide at WordPress Installation

Now that you have WordPress installed and you’ve started customising your website, you’re probably eager to go ahead and get word of your new website out there. At the moment however that could do more harm than good. Although you most probably have the very latest WordPress installed this doesn’t mean you’re 100% safe from malicious users, by following this guide you’ll be toughening your WordPress installation to stand up to all sorts of different attacks on your website

Installing “better WP security” plugin:

Better WP Security plugin allows you to hide areas of WordPress that will give away any vulnerabilities, such as the login areas, version numbers as well as allow you to rename your admin account username. However this plugin also allows you to do more than just hide vulnerabilities, you can use it to actively fight against any attacks on your website.

To begin, log in to your WordPress admin area (This is usually yourssite.com/wp-admin) and click the “Plugins -> Add New” option, you will then be taken to the Install Plugins page, as shown below, where you should search for “better WP security” as highlighted in the image.

You’ll then be presented with a list of plugins – the top one listed should be the correct one. Click the “install now” link to begin the installation as highlighted in the image below, this will begin the download of the plugin and installation.

The installation should complete without any warnings, click the “Activate now” link to begin using this plugin.

Customising “better WP security” plugin:

After enabling the plugin you should be taken to your plugins page, click the “Create desktop backup” to have a backup of your database emailed to your email address. You should then click the “Secure My Site From Basic Attacks” as this will give us a good starting point to configure from.

You should be presented with an options screen as shown below, from this list you should see “Your WordPress admin area is not hidden”. Click the link to begin fixing this issue.

After clicking the link you may be asked to turn on WordPress permalinks, in which case go ahead and follow the link and set them to “Post name” before returning back to the Better WP Security plugin.

You should now configure the pages to be hidden to how you like, in my this example I have simply prefixed “hidden-“ before each option, you may want to try something more unique and related to your website for extra security measures. You can then click the save button to update your settings as the image below shows.

Now you’re already protected against the most simple of hacking attempts such as brute force and dictionary attacks which is a great start – however, we also recommend that you return to the Better WP security dashboard and follow links to fix the issues written in red (for example Admin username and account ID).

Now you’re all protected, why not look into Optimising Your WordPress Website?

About Chris Danks

Chris Danks has written 137 post in this blog.

Chris is a British businessman, Chris started in the hosting business in 2001 at the age of 15. The business was re-branded to Cyber Host Pro in 2003 and has since grown to have thousands of customers around the world who trust Cyber Host Pro to manage their web hosting and servers.

Chris Danks

Chris is a British businessman, Chris started in the hosting business in 2001 at the age of 15. The business was re-branded to Cyber Host Pro in 2003 and has since grown to have thousands of customers around the world who trust Cyber Host Pro to manage their web hosting and servers.

View Comments

  • Great article guys and great advice. A word of warning when using this plugin though. We've tested it on some themes where it hasn't worked well at all (including being totally locked out of the backend after making certain changes). Not too bad if you remember to back up your site first, but a pain in the proverbial backside if you haven't. First time I learnt the hard way and in the end, had to rebuild the site again. So yes, certainly try out WP Better Security, as it really is a great free wordpress plugin. But, be sure to backup first...just in case it doesn't work well with your theme!

Share
Published by
Chris Danks

Recent Posts

.net core hosting

Are you a .net core developer?  Are you like thousands of others who are sick…

3 months ago

ASPNet Hosting Migrations

Need Help migrating a database? Hire one of our website consultants who can look at…

1 year ago

How to Secure Your Website – Install/Setup and enforce SSL – https://

This article will help you easily setup a SSL certificate on your website and setup…

1 year ago

Cyber Host Pro vs AWS vs Azure: which cloud is fastest?

Chris DanksFounder & Director - Cyber Host Pro LTD If you thinking about buying cloud…

2 years ago

How to launch your business’ online presence

You already know how important an online presence is in today’s tech-heavy world. For any…

2 years ago

5 signs your website could benefit from a dedicated server

Websites have become an essential business component no matter the industry you’re in or the…

2 years ago