As with every WordPress site, it is extremely important to take the necessary precautions to secure your site. There are a number of things you can do to better secure your site from hackers.
- Maintain Strong Passwords – nuff said. Don’t be lazy with your passwords. Be creative.
- Don’t use Admin as your username – Hackers use bots to guess your login credentials. Using “Admin” means they only have to guess your password.
- Back it up – Perform regular (ie. daily) backups of your WordPress site.
- Always Update – WordPress releases security updates on a regular basis… always update.
- Proactively block Brute Force Attacks – Hiding the wp-login.php and wp-admin will block bots from finding these pages. Our wp Sonic Defender plugin does a good job at that. 🙂
- Monitor for Malware – Hackers like to inject malware into wordpress scripts. Use an application that will monitor and remove malware from your WordPress installations.
- Change the Database Prefix – The default prefix for your database files is “wp_”. Hackers look for this.