WordPress Security Tips
WordPress security should be a top priority for all developers. Many clients have come to me with a WordPress blog that was set up by a friend or cheap freelance developer, and 100% of the time it was set up using all the default settings for WordPress without even the slightest consideration concerning security. If you don’t secure your WordPress blog/site with some basic security plugins and modifications, there is a good chance your blog/site will be hacked or targeted by people who have nothing better to do with their time but make your life more difficult.
In this article, I will address some basic, easy to do security settings for WordPress, so you can be assured your blog is not floating around the internet with giant loop holes in it’s security settings. While no method or plugin is 100% guaranteed to stop all attacks, implementing these basic rules will significantly reduce your chances of getting hacked.
WordPress Security Tip #1: Change your database table prefixes from wp_
If you’re not familiar with databases, then this one may be a little confusing. I promise I’m trying to avoid using ‘technical jargon’ as much as possible, so here’s a quick explanation of what this means. When you’re setting up WordPress for the first time, you go through 2-3 steps to get the basic site installed and running. One of these steps involves connecting WordPress to a MySQL database on your hosting package, which is the ‘brain’ of your blog. A MySQL database consists of tables which contain all your data. These tables have prefixes (usually 2 characters) which distinguish different installations of the same script, which are running on the same MySQL database. The default prefix for WordPress is ‘wp_’.
So now you must be wondering why it is important to change this, and the answer is very simple. Any ‘baddie’ or hacker searching for sites to hack will try and identify the database table prefix, to get an sense of what platform you’re using. As soon as they see ‘wp_’ they yell ‘aha! this clown is using WordPress, so now I know how to get in and mess around with it’ (they may not literally yell this; I’m sure they have their own catch phrases while twisting their curled up mustache ends).
How do you get around this? When you’re installing WordPress, change the table prefixes from ‘wp_’ to something else. This at least has more of a chance of throwing off hackers, as they won’t see the default ‘wp_’ table prefix.
WordPress Security Tip #2: Re-name default WordPress directories.
WordPress, unfortunately, has some dead giveaways that you’re using the platform, which is easily seen in the source code. Go ahead and try it on your WordPress blog: right click in the page body and select ‘view source’. Close to the top of the code, you will see paths like ‘content’ and includes’. That’s the problem (I know, again with the wp!). Re-naming these directories is a little more complicated than you may think. If you simply change the name of the directories, chances are you will break the path to many important plugins, themes, and functions. However, it is still easily done by a developer who knows their stuff. It involves changing the paths in the actual plugin files from ‘includes’ to whatever you decide to name the directory. It shouldn’t take too long to complete, but this depends on how many plugins you’re using and how complex the code is. I know from experience that plugins using flash will be a lot harder to update to the new directory names.
WordPress Security Tip #3: Install WordPress security plugins.
WordPress being an open source application, has a billion plugins (not literally a billion, but lots!) available for free (and paid) to help secure your blog. Some essential ones (in my opinion) are:
- WP Security Scan: helps identify security holes in your blog.
- WordPress Firewall: monitors your site for suspicious activity and blocks many attacks, include ‘brute force’ attacks
- Stealth login: this one re-names your admin folder, so you can set your own admin url and not use the standard ‘wp-admin’
There are probably more out of there, but I find these ones do an excellent job of securing your blog.
In short, make sure you or your developer considers these security points when setting up WordPress. I have seen far too many developers who ignore these basic security points and the client ends up suffering in the end. Your blog is one of the biggest online marketing assets you have, so make sure to take the time to secure it properly to keep it running!
scholarships for hispanic
November 9, 2010 at 3:15 amThanks for your helpful Post, I hope you have a good day!
scholarships for hispanic
November 9, 2010 at 7:10 amYou nicely summed up the issue.
mexican scholarships
November 9, 2010 at 7:27 amHey really nice website, I noticed your website when doing study on some methods to develop my web log. I was simply inquiring which spam software system you use for comments as I get tons on my site.
scholarships for high school
November 9, 2010 at 7:28 amGenerally I do not post on blogs, but I would like to say that this post really forced me to do so! really nice post.
mexican scholarships
November 9, 2010 at 7:40 amThis article was extremely interesting
scholarships
November 9, 2010 at 7:41 amNice to see you back. And again by having an interesting post
bet365
November 12, 2010 at 4:26 pmGood day!This was a really splendid blog!I come from itlay, I was luck to look for your topic in yahoo Also I get much in your topic really thanks very much i will come daily
Polly
December 9, 2010 at 3:07 pmGreat article, really useful as I am setting up a wordpress website and it is good to know what WP plugins to use to get the best security. Thanks a lot Evo for your grate arctilcles!
motorcycle fairing
January 11, 2011 at 11:48 amWONDERFUL Post.thanks for share..more wait .. …
Beata Prock
January 18, 2011 at 7:00 pmUnquestionably believe that which you said. Your favorite justification appeared to be on the net the easiest thing to be aware of. I say to you, I certainly get irked while people think about worries that they just do not know about. You managed to hit the nail upon the top and defined out the whole thing without having side effect , people can take a signal. Will probably be back to get more. Thanks
Jane Pingtown
February 14, 2011 at 5:12 pmIt is extremely interesting for me to read this article. Thanx for it. I like such themes and everything that is connected to them. I would like to read more soon.
Katherine Flouee
February 21, 2011 at 4:07 pmIt was rather interesting for me to read this article. Thanx for it. I like such themes and anything that is connected to them. I definitely want to read a bit more on that site soon.
Natasha Karver
March 2, 2011 at 2:57 pmIt is very interesting for me to read the article. Thank you for it. I like such themes and anything connected to this matter. I would like to read more on that site soon.
Jenny Smith
March 22, 2011 at 4:33 pmIt was certainly interesting for me to read that blog. Thanx for it. I like such themes and anything connected to them. I definitely want to read more soon.
Mary Meetington
March 31, 2011 at 2:49 pmIt was extremely interesting for me to read that blog. Thanks for it. I like such topics and anything that is connected to this matter. I would like to read more soon.
Whitny Stone
April 13, 2011 at 4:45 pmIt is certainly interesting for me to read that blog. Thanx for it. I like such themes and anything that is connected to them. I would like to read more on this blog soon.
InharseBarKah
May 14, 2011 at 10:46 pmHey this post is not really interesting. Can you tell me any related articles?
Party Powder
June 16, 2011 at 9:00 pmNow this one is what I’ve been looking for. Would be giving you credits on the way how you deliver this great insight. Such an interesting story.
werTrerm
July 9, 2011 at 6:10 pmQuite right!
RuizEDWINA18
September 5, 2011 at 12:15 amThank you very much for the kind of great topic about this topic.
Colette_Tilotta
January 30, 2012 at 3:33 pmHappy to be visiting your blog again, it has been weeks for me. Well, this is the article that I’ve been waited for so long. Thanks,
vpn
July 17, 2012 at 6:27 pmSometimes its a pain in the a*# to read what weblog owners wrote but this web site is user friendly 🙂
faktury
August 14, 2012 at 6:06 pmThanks for fantastic information I was looking for this info.
ruthiegourkar
August 18, 2012 at 12:25 pmSuper that you share all the news
Ismael Hongeva
September 6, 2012 at 9:29 pmI simply want to tell you that I am beginner to blogs and really liked your web site.
Oursler
September 8, 2012 at 3:40 amAwesome weblog entry.
Zoraida
October 5, 2012 at 9:49 amNeeded to post you that almost no remarks to thanks all over again for these spectacular techniques you’ve provided in this post. It’s so particularly generous with folks as you to deliver what most people might well have marketed just as one book to earn some dough in their own business, primarily considering you could have tried it should you wanted.
Knights
September 12, 2012 at 12:52 pmYou seem to have a lot of knowledge about this, like you wrote the book on it or something. A great read. I’ll definitely be back.
Lekipotencja
September 14, 2012 at 9:21 amIt’s a really good read I think, Must admit that you actually are one of the perfect bloggers I ever saw. Appreciate your sharing placing this interesting article.
Bernard Kebalka
October 23, 2012 at 10:38 amyou are actually an admirable webmaster. The website loading speed is incredible.
Gisela Ravencraft
October 23, 2012 at 9:08 pmKudos for sharing with us your website.
Alecia Kooser
October 27, 2012 at 6:58 amEnormous educational thanks, I do believe your visitors will very likely want further blog posts like this, maintain the excellent effort.
Adam
November 8, 2012 at 5:15 pmWell, I really liked your blog, it is in my bookmarks.
Calaf
November 10, 2012 at 1:54 amI do not even know how I ended up here, but I thought this post was good. I don’t know who you are but definitely you’re going to a famous blogger if you are not already Cheers!
Maurice
November 18, 2012 at 12:52 amThanks – Enjoyed this post, can you make it so I receive an e-mail when you make a fresh post?
Alphonso Headrick
December 10, 2012 at 1:07 pmHi truly excellent read.
I must admit im pretty new to using WordPress well actually quite new. Just starting to get the hang of it. Reading your article has been extremely informative. I need to admit still not totally 100% percent clear in my head. So have just put your blog on my desktop so I can go straight to it and have another search later.
Alfredo Gfroerer
December 13, 2012 at 7:08 amas soon as I discovered this internet site I went on reddit to share some of the love with them.
Benny Bannon
December 19, 2012 at 9:15 pmI quite like reading through an article that will make people think. Also, thanks for allowing me to comment!
Aguire
March 4, 2013 at 10:57 amReally nice layout and fantastic subject material 😀
Drew Wisecup
March 26, 2013 at 2:50 amGreat work! This is the type of information that should be shared around the internet. Shame on Google for not positioning this post higher!
elke
November 23, 2013 at 1:49 pmFirst off I would like to say fantastic blog! I had a quick question which I’d like to ask if you do not mind. I was interested to know how you center yourself and clear your mind before writing. I’ve had a hard time clearing my mind in getting my ideas out there. I do enjoy writing but it just seems like the first 10 to 15 minutes are wasted simply just trying to figure out how to begin. Any ideas or hints? Many thanks!
Toronto Website Designers
November 23, 2013 at 6:05 pmHi Elke, thanks for your comment. I usually write articles in response to questions i’m asked during the month, and choose the most popular question i feel would be useful to everyone. I think because the topic is usually something i’m asked by a couple of people, i’m able to just sit down during a less hectic afternoon and begin writing.