WordPress Security Tips

WordPress security should be a top priority for all developers. Many clients have come to me with a WordPress blog that was set up by a friend or cheap freelance developer, and 100% of the time it was set up using all the default settings for WordPress without even the slightest consideration concerning security. If you don’t secure your WordPress blog/site with some basic security plugins and modifications, there is a good chance your blog/site will be hacked or targeted by people who have nothing better to do with their time but make your life more difficult.

In this article, I will address some basic, easy-to-do security settings for WordPress, so you can be assured your blog is not floating around the internet with giant loopholes in its security settings. While no method or plugin is 100% guaranteed to stop all attacks, implementing these basic rules will significantly reduce your chances of getting hacked.

WordPress Security Tip #1: Change your database table prefixes from wp_

If you’re not familiar with databases, then this one may be a little confusing. I promise I’m trying to avoid using ‘technical jargon’ as much as possible, so here’s a quick explanation of what this means. When you’re setting up WordPress for the first time, you go through 2-3 steps to get the basic site installed and running. One of these steps involves connecting WordPress to a MySQL database on your hosting package, which is the ‘brain’ of your blog. A MySQL database consists of tables which contain all your data. These tables have prefixes (usually 2 characters) which distinguish different installations of the same script, which are running on the same MySQL database. The default prefix for WordPress is ‘wp_’.

So now you must be wondering why it is important to change this, and the answer is very simple. Any ‘baddie’ or hacker searching for sites to hack will try and identify the database table prefix, to get a sense of what platform you’re using. As soon as they see ‘wp_’ they yell ‘aha! this clown is using WordPress, so now I know how to get in and mess around with it’ (they may not literally yell this; I’m sure they have their own catch phrases while twisting their curled up mustache ends).

How do you get around this? When you’re installing WordPress, change the table prefixes from ‘wp_’ to something else. This at least has more of a chance of throwing off hackers, as they won’t see the default ‘wp_’ table prefix.

WordPress Security Tip #2: Re-name default WordPress directories.

WordPress, unfortunately, has some dead giveaways that you’re using the platform, which are easily seen in the source code. Go ahead and try it on your WordPress blog: right click in the page body and select ‘view source’. Close to the top of the code, you will see paths like ‘wp-content’ and ‘wp-includes’. That’s the problem (I know, again with the wp!). Re-naming these directories is a little more complicated than you may think. If you simply change the name of the directories, chances are you will break the path to many important plugins, themes, and functions. However, it is still easily done by a developer who knows their stuff. It involves changing the paths in the actual plugin files from ‘wp-includes’ to whatever you decide to name the directory. It shouldn’t take too long to complete, but this depends on how many plugins you’re using and how complex the code is. I know from experience that plugins using Flash will be a lot harder to update to the new directory names.
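A quick self-check for the defaults covered in tips #1 and #2, added here as an example and not taken from the original article: it reads the `$table_prefix` assignment from wp-config.php text and lists the default directory names visible in a page's source. The function names, the sample config and the sample HTML are constructed for illustration.

```python
import re

# The assignment WordPress keeps in wp-config.php, e.g. $table_prefix = 'wp_';
# Anchoring at line start skips commented-out copies such as "// $table_prefix = ...".
PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*(['"])(.*?)\1\s*;""", re.MULTILINE)
# Default directory names as they appear in asset URLs (src= / href=) of a page.
MARKER_RE = re.compile(r"""(?:src|href)\s*=\s*["'][^"']*?/(wp-content|wp-includes)/""",
                       re.IGNORECASE)


def table_prefix(config_text):
    """Return the prefix set in wp-config.php text, or None if none is found."""
    match = PREFIX_RE.search(config_text)
    return match.group(2) if match else None


def audit(config_text, page_html):
    """Return findings for the defaults discussed in tips #1 and #2."""
    findings = []
    prefix = table_prefix(config_text)
    if prefix is None:
        findings.append("no $table_prefix assignment found")
    elif prefix == "wp_":
        findings.append("table prefix is still the default 'wp_'")
    elif not re.fullmatch(r"[A-Za-z0-9_]+", prefix):
        # WordPress expects only letters, numbers and underscores here.
        findings.append(f"table prefix {prefix!r} contains unsupported characters")
    markers = {m.group(1).lower() for m in MARKER_RE.finditer(page_html)}
    for name in sorted(markers):
        findings.append(f"page source references default directory '{name}'")
    return findings


# Constructed sample inputs (not from a real site).
SAMPLE_CONFIG = """<?php
define( 'DB_NAME', 'example_db' );
// $table_prefix = 'old_';
$table_prefix = 'wp_';
"""
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="https://blog.example/wp-content/themes/demo/style.css">
<script src="https://blog.example/wp-includes/js/jquery/jquery.js"></script>
</head><body>Hello</body></html>"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_HTML):
        print("FINDING:", finding)
```

To check a real install, pass the contents of your own wp-config.php and the saved source of one of your own pages in place of the samples.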

WordPress Security Tip #3: Install WordPress security plugins.

WordPress, being an open source application, has a billion plugins (not literally a billion, but lots!) available for free (and paid) to help secure your blog. Some essential ones (in my opinion) are:

  1. WP Security Scan: helps identify security holes in your blog.
  2. WordPress Firewall: monitors your site for suspicious activity and blocks many attacks, including ‘brute force’ attacks.
  3. Stealth login: this one re-names your admin folder, so you can set your own admin url and not use the standard ‘wp-admin’

There are probably more out there, but I find these ones do an excellent job of securing your blog.

In short, make sure you or your developer considers these security points when setting up WordPress. I have seen far too many developers who ignore these basic security points and the client ends up suffering in the end. Your blog is one of the biggest online marketing assets you have, so make sure to take the time to secure it properly to keep it running!

42 Comments
  • scholarships for hispanic
    November 9, 2010 at 3:15 am

    Thanks for your helpful Post, I hope you have a good day!

  • scholarships for hispanic
    November 9, 2010 at 7:10 am

    You nicely summed up the issue.

  • mexican scholarships
    November 9, 2010 at 7:27 am

    Hey really nice website, I noticed your website when doing study on some methods to develop my web log. I was simply inquiring which spam software system you use for comments as I get tons on my site.

  • scholarships for high school
    November 9, 2010 at 7:28 am

    Generally I do not post on blogs, but I would like to say that this post really forced me to do so! really nice post.

  • mexican scholarships
    November 9, 2010 at 7:40 am

    This article was extremely interesting

  • scholarships
    November 9, 2010 at 7:41 am

    Nice to see you back. And again by having an interesting post

  • bet365
    November 12, 2010 at 4:26 pm

    Good day! This was a really splendid blog! I come from Italy, I was lucky to look for your topic in Yahoo. Also I get much in your topic, really thanks very much, I will come daily.

  • Polly
    December 9, 2010 at 3:07 pm

    Great article, really useful as I am setting up a WordPress website and it is good to know what WP plugins to use to get the best security. Thanks a lot Evo for your great articles!

  • motorcycle fairing
    January 11, 2011 at 11:48 am

    WONDERFUL Post.thanks for share..more wait .. …

  • Beata Prock
    January 18, 2011 at 7:00 pm

    Unquestionably believe that which you said. Your favorite justification appeared to be on the net the easiest thing to be aware of. I say to you, I certainly get irked while people think about worries that they just do not know about. You managed to hit the nail upon the top and defined out the whole thing without having side effect , people can take a signal. Will probably be back to get more. Thanks

  • Jane Pingtown
    February 14, 2011 at 5:12 pm

    It is extremely interesting for me to read this article. Thanx for it. I like such themes and everything that is connected to them. I would like to read more soon.

  • Katherine Flouee
    February 21, 2011 at 4:07 pm

    It was rather interesting for me to read this article. Thanx for it. I like such themes and anything that is connected to them. I definitely want to read a bit more on that site soon.

  • Natasha Karver
    March 2, 2011 at 2:57 pm

    It is very interesting for me to read the article. Thank you for it. I like such themes and anything connected to this matter. I would like to read more on that site soon.

  • Jenny Smith
    March 22, 2011 at 4:33 pm

    It was certainly interesting for me to read that blog. Thanx for it. I like such themes and anything connected to them. I definitely want to read more soon.

  • Mary Meetington
    March 31, 2011 at 2:49 pm

    It was extremely interesting for me to read that blog. Thanks for it. I like such topics and anything that is connected to this matter. I would like to read more soon.

  • Whitny Stone
    April 13, 2011 at 4:45 pm

    It is certainly interesting for me to read that blog. Thanx for it. I like such themes and anything that is connected to them. I would like to read more on this blog soon.

  • InharseBarKah
    May 14, 2011 at 10:46 pm

    Hey this post is not really interesting. Can you tell me any related articles?

  • Party Powder
    June 16, 2011 at 9:00 pm

    Now this one is what I’ve been looking for. Would be giving you credits on the way how you deliver this great insight. Such an interesting story.

  • werTrerm
    July 9, 2011 at 6:10 pm

    Quite right!

  • RuizEDWINA18
    September 5, 2011 at 12:15 am

    Thank you very much for the kind of great topic about this topic.

  • Colette_Tilotta
    January 30, 2012 at 3:33 pm

    Happy to be visiting your blog again, it has been weeks for me. Well, this is the article that I’ve been waited for so long. Thanks,

  • vpn
    July 17, 2012 at 6:27 pm

    Sometimes it’s a pain in the a*# to read what weblog owners wrote but this web site is user friendly 🙂

  • faktury
    August 14, 2012 at 6:06 pm

    Thanks for fantastic information I was looking for this info.

  • ruthiegourkar
    August 18, 2012 at 12:25 pm

    Super that you share all the news

  • Ismael Hongeva
    September 6, 2012 at 9:29 pm

    I simply want to tell you that I am beginner to blogs and really liked your web site.

  • Oursler
    September 8, 2012 at 3:40 am

    Awesome weblog entry.

    • Zoraida
      October 5, 2012 at 9:49 am

      Needed to post you that almost no remarks to thanks all over again for these spectacular techniques you’ve provided in this post. It’s so particularly generous with folks as you to deliver what most people might well have marketed just as one book to earn some dough in their own business, primarily considering you could have tried it should you wanted.

  • Knights
    September 12, 2012 at 12:52 pm

    You seem to have a lot of knowledge about this, like you wrote the book on it or something. A great read. I’ll definitely be back.

  • Lekipotencja
    September 14, 2012 at 9:21 am

    It’s a really good read I think, Must admit that you actually are one of the perfect bloggers I ever saw. Appreciate your sharing placing this interesting article.

  • Bernard Kebalka
    October 23, 2012 at 10:38 am

    you are actually an admirable webmaster. The website loading speed is incredible.

  • Gisela Ravencraft
    October 23, 2012 at 9:08 pm

    Kudos for sharing with us your website.

  • Alecia Kooser
    October 27, 2012 at 6:58 am

    Enormous educational thanks, I do believe your visitors will very likely want further blog posts like this, maintain the excellent effort.

  • Adam
    November 8, 2012 at 5:15 pm

    Well, I really liked your blog, it is in my bookmarks.

  • Calaf
    November 10, 2012 at 1:54 am

    I do not even know how I ended up here, but I thought this post was good. I don’t know who you are but definitely you’re going to a famous blogger if you are not already Cheers!

  • Maurice
    November 18, 2012 at 12:52 am

    Thanks – Enjoyed this post, can you make it so I receive an e-mail when you make a fresh post?

  • Alphonso Headrick
    December 10, 2012 at 1:07 pm

    Hi truly excellent read.
    I must admit I’m pretty new to using WordPress, well actually quite new. Just starting to get the hang of it. Reading your article has been extremely informative. I need to admit still not totally 100% percent clear in my head. So have just put your blog on my desktop so I can go straight to it and have another search later.

  • Alfredo Gfroerer
    December 13, 2012 at 7:08 am

    as soon as I discovered this internet site I went on reddit to share some of the love with them.

  • Benny Bannon
    December 19, 2012 at 9:15 pm

    I quite like reading through an article that will make people think. Also, thanks for allowing me to comment!

  • Aguire
    March 4, 2013 at 10:57 am

    Really nice layout and fantastic subject material 😀

  • Drew Wisecup
    March 26, 2013 at 2:50 am

    Great work! This is the type of information that should be shared around the internet. Shame on Google for not positioning this post higher!

  • elke
    November 23, 2013 at 1:49 pm

    First off I would like to say fantastic blog! I had a quick question which I’d like to ask if you do not mind. I was interested to know how you center yourself and clear your mind before writing. I’ve had a hard time clearing my mind in getting my ideas out there. I do enjoy writing but it just seems like the first 10 to 15 minutes are wasted simply just trying to figure out how to begin. Any ideas or hints? Many thanks!
