How Secure Is Your WordPress Blog?


Every day thousands upon thousands of WordPress blog sites are targeted for hacking.

 

 plugin security wordpress

How secure is your site?

Well there are places you can go online and check.

One that I use is the following, and despite putting some good security on my site, including the tips I am going to share below, hackers can easily get important data to hack into my blog:

https://hackertarget.com/wordpress-security-scan/

If you click on the link above you can put in the URL address of your website (or anyone else’s for that matter) and see how secure it is?

The information gleamed as you go down the page can be alarming and this is available to anyone who wants to access it using the same method you just did!!

When I checked my sites, you could see the WordPress version I was using, the plugins, and on some of my sites, the usernames to access the site.

So how can you protect yourself?

Firstly, I am going to give you half a dozen tips on how to tighten up your security that will make your security better than the average WordPress site.

Secondly, I am going to recommend you do what I did and install a security suite that has a record of ZERO hacks on all sites that use it and is simple to set up in a few minutes.

 

How To Tighten Up Your WordPress Security

 

 security for wordpress

 

Below are 6 tips that you can easily undertake to tighten up security on your blog:

Usernames

Don’t use simple login names to access your site. If you use ‘admin’ as your login name, you are asking for trouble. Try to use something memorable to you but not obvious to a hacker.

For instance if you where born on 15th April, using Carol1504 is a better username than Carol.

You can change your username in the ‘Users’ section of your blog dashboard.

Passwords

Using a secure password will keep the hackers at bay much longer than a simple password. Again having your password set to ‘password’ is simply asking for trouble.

 

 wp security

 

Try to use characters such as /,*,?, etc within the password and mix numbers and upper and lowercase letters. Also have it longer than 8 characters as this will slow down any automated attempt to hack into your system.

For instance TuDs/f*56f is a brilliant password. Of course you need to ensure you remember it, but that is a whole new article!

Keep It Up To Date

WordPress version and plugin updates are made for a reason and it is usually to eliminate security loopholes. If you are running old versions with known security problems, guess who knows what those problems are and how to manipulate them? Regularly go into your WordPress dashboard and perform all of the necessary updates.

Keep It Tidy

Delete any unused themes and plugins as they add to the vulnerability of your site.

Limit Login Attempts

Use the free plugin ‘Limit Login Attempts’ to lock out users who are trying to force their way into your site.

Wordfence

Use the free ‘Wordfence’ plugin to ramp up your security. This allows you to permanently ‘lock out’ IP addresses that try to hack into your system. It will also tell you when there are attempts hack into your blog and if there are any security vulnerabilities such as outdated versions of WordPress or plugins. This plugin requires a more involved set-up than the other 5 tips, but gives you better security.

 

My Recommendation

Finally I am going to recommend a security solution that has never been bypassed by hackers and it is the one I am going to use myself on all of my blogs from today (that security test scared the hell out of me).

The product is called Blog Defender 2015. The only downside is that it costs $47, although you can use it on as many WordPress sites as you wish.

Even if you don’t buy it, I suggest you click the picture link below and watch the short video that introduces the product, as it explains better than I can the risk you are taking by leaving you blog open to hackers, especially the part about being fined!!

 

 security plugins wordpress

 

I hope you found this guide enlightening, educational and helpful and you have at least put my tips into practice. I am no expert on WordPress, but I try to improve each day and hopefully what I have learnt on security will help me, you and a few other people over the coming days, months and years.

Thanks for reading!

Until next time . . .

Terry Jenkins

plugin security wordpress

security for wordpress

wp security

best wordpress security

security plugins wordpress

wordpress and security

wordpress site security

hack blog

hacker blog

hacking a blog

hacking blogs

hacking blogspot

11 Comments

  • Deb

    Reply Reply July 27, 2015

    Thanks for the tips Terry! I hadnt given blog hacking a thought!

    • Terry Jenkins

      Terry Jenkins

      Reply Reply July 27, 2015

      I am currently updating this site to include Blog Defender 2015. It is time consuming but fairly uncomplicated so far. I will try and blog about my experiences later. It didn’t help that I needed to change my WordPress theme first has the one I was using was blocking any comments being made. That is now fixed as you can see!!

  • Roy Miller

    Reply Reply July 27, 2015

    Terry, I found you post very enlightening. Thank you so much for the link to check my site. This information was very helpful.

    • Terry Jenkins

      Terry Jenkins

      Reply Reply July 27, 2015

      Thank you for reading it Roy. Hope the check for your site gave you an all clear!

  • Great stuff, Terry. I ran my blog through the test and it seems OK.

    I too purchased Blog Defender and am working my way through the steps to lock down my blog – having been hacked in the past. So…

    I second your recommendation of “Blog Defender”!

    • Terry Jenkins

      Terry Jenkins

      Reply Reply July 27, 2015

      Thanks for the kind words Jennifer. I have just completed it and it took me 2 hours.

      On the positive side that is insignificant compared to recovering from a hacked site, plus I now have automated back-ups set up with the back-ups being sent offsite to a secure location ๐Ÿ™‚

  • Jan Kearney

    Reply Reply July 28, 2015

    How secure is *my* blog? Well not as secure as it could be (I don’t hide everything) and more secure than most. Since I lost a lot of time and hair years ago when every site I owned was breached, I learnt my lesson the hard way ๐Ÿ™‚
    These days I manually install and lock down. So far, touch wood, none of my newer sites or clients sites have been breached.

    • Terry Jenkins

      Terry Jenkins

      Reply Reply July 28, 2015

      Yes, I have been lucky so far Jan. I need to run around my other WordPress installations now and bolt down the hatches on those also.

  • Tasleem Khan

    Reply Reply July 28, 2015

    Thank you for this as I always worry about hackers and losing my work. Done my blog check and everything seems okay, but I can always do more to secure it. ๐Ÿ™‚

    • Terry Jenkins

      Terry Jenkins

      Reply Reply July 28, 2015

      Glad my article helped you achieve piece of mind Tasleem.

  • Love this article Terry, full of useful tips and insights, got me thinking

Leave A Response

* Denotes Required Field