5 easy steps to keep your WordPress site safe…..

WordPress is an incredibly safe application to use, however there are a few ways you can make your WordPress site even more secure!

Here are some tips to ensure your security – 

  • Install Wordfence, this will block unwanted login attpemts. 
  • Always keep the WordPress software and plugins up to date
  • Change the file permissions for your website. Suggested file permissions are: – 
File NameRelative PathSuggestedDefault
/ 07550750
/wp-admin 07550755
/wp-includes 07550755
/wp -config.php 04440644
/wp-content 07550755
/wp-content/themes 07550755
/wp-content/plugins 07550755
.htaccess 04440644
  • Install the plugin ‘Wordfence’. This will monitor the failed login attempts to your website and also block potential brute force attacks. 
    • On a side note make sure you don’t use the admin username ‘admin’ or the name of your site, people still do this but it makes it easy to guess half your login

Restrict access to your wp-admin directory by performing the following steps :-

Step 1 – Go to the location where you have installed WordPress using file manager.

Step 2 – Look out for a folder name wp-admin.

Step 3 – Find the .htaccess and insert the follow code :-

 

AllowOverride None
order deny,allow
# whitelist
allow from xxx.xxx.xxx.xxx (IP 1)
allow from xxx.xxx.xxx.xxx (IP 2)
allow from xxx.xxx.xxx.xxx (IP 3)
deny from all

If you only need to allow one ip address you can remove the 2 additional lines (IP2, IP3).

Please feel free to get in touch if you have any questions (open a ticket) with our hosting department – we will try to get back to you as soon as we can!

Powered by BetterDocs

Leave a Reply