• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • Privacy Policy
  • Terms of Use
  • FTC Statement
  • Sitemap
  • About and Contact

Build A WordPress Website

Using WordPress as a Content Management System and Blog

  • Home
  • WordPress Install
    • WordPress Hosting
    • An Easy Way to Install a WordPress Website
  • WordPress Setup
    • Getting the WordPress Options Right
  • WordPress Plugins
    • WordPress CMS Plugins
    • WordPress SEO Plugins
  • WordPress Themes
    • Free WordPress CMS Themes
    • WordPress CMS Themes
    • Basic Theme Header Changes
  • Manual
    • Choose between Pages or Posts
  • Resources
You are here: Home / WordPress Setup / How to Secure Your WordPress Website – The Basics

How to Secure Your WordPress Website – The Basics

Filed Under: WordPress Setup June 7, 2013

In my book review WordPress 3 for Business Bloggers I told you that I missed one piece of content, which was options to secure your WordPress website, and that I would give you some tips on how to secure your WordPress website.

WordPress is a very popular Content Management System and as such is always under attack by hackers and crackers.

Most of the hack attempts are not focused on WordPress core security holes but rather plugin or theme security weaknesses.

Basics on how to Secure Your WordPress Website

WordPress security starts with the installation of your website and these steps can help:

  • choose a good web host
  • create a cryptic database and database username for your MySql database
  • create a highly secure password
  • don't use the standard wp_ prefix for ou tables
  • don't use the standard Admin user name but create a more difficult username and matching secure password

After installation use the permalinks option to create a .htaccess file in the root of your website.

Advertisements

Once the installation is done you can remove the following files:

  • wp-config-sample.php
  • readme.html (contains information on what version of WordPress you are running)
  • wp-admin/install.php
  • wp-admin/install-helper.php

Secure your files by changing the permissions on:

.htaccess to 404 (or 604)

wp-header.php tot 400 (or 600)

if possible move your wp-config.php file one folder up and set the security to 400 or 600 if your hosting (aff) company won't allow 400.

Secure Your WordPress Website Plugin Options

There are four plugins I always install on my WordPress websites:

WordPress Firewall 2 monitors web request to your website and blocks obvious attacks.

File Monitor Plus this plugin will send you an email if a file has changed on your website and which file(s) are changed.

WP Security Scan will let you know if you already are under attack and will give you extra tips and aids to block some standard attacks.

Login Lockdown looks at login attempts that fail from a certain IP address and shuts down login functionality for a certain amount of time for that address preventing further brute force attacks.

All of the above measures have helped me to secure my WordPress websites from attacks on several occasions.

Secure Your WordPress Website

WordPress 3 Cookbook

I also got a chance to read WordPress 3 Cookbook, a fun concept that gives you “recipes” that you can use on your own WordPress website.

Here is a short overview of the chapters in this fine book:

Chapter 1: The WordPress Cook's Tools
Chapter 2: Installing and Customizing Themes (aff)
Chapter 3: Working with Plugins and Widgets
Chapter 4: Customizing Content Display
Chapter 5: Building Interactivity and Community
Chapter 6: Implementing Online Sales and Advertising
Chapter 7: Making an SEO Friendly Site
Chapter 8: Enhancing Usability and Accessibility
Chapter 9: Managing Maintenance and Improving Security

And yes this one has a chapter on security :-) but the rest of the book is also a very good read and gives you over 100 short practical articles that you can use.

I really enjoyed reading and implementing several of the recipes on my own WordPress websites and I really suggest you take a look at the WordPress 3 Cookbook
as it has some nice pearls in it … but that said you need to be aware that you should have a code editor and FTP program. I recommend PSpad and FileZilla

Advertisements
Affiliate Link Disclosures

Others also read:

  1. Secure Your WordPress Website with Wordfence
  2. How To Speed Up WordPress on Your Website the Easy Way
  3. Book Review of WordPress 3 for Business Bloggers
  4. WordPress 3 SEO – How To Get Your Website To The Top Of Google

By Herbert-Jan van Dinther Filed Under: WordPress Setup Tagged With: Plugins, Security, wordpress 4 Comments

Top WordPress Hosting Company

HostGator.com

Start Your Own WordPress Website

To get started you need:
    1. Get Website Hosting from Greengeeks.com and use their easy WordPress installation script.
    2. Get a Cool WordPress Theme! I recommend themes from StudioPress.com and Elegant Themes
    P.S. This site is build with Genesis and Metro Theme from StudioPress.com.
3. Configure your WordPress settings and plugins and start writing...

Reader Interactions

Comments

  1. Bill says

    April 27, 2012 at 6:41 pm

    You can’t even run a spellcheck on your content and you expect people to take you seriously?

    Oh, and you should run down to the office supply store and buy a box of commas, then learn how to use them. Wait – commas are free!

    I guess you just need to learn how to use them!

    Reply
    • Herbert-Jan van Dinther says

      April 27, 2012 at 7:04 pm

      @Bill, thank your for pointing out some of my errors and yes I do need to improve on my English writing (I am Dutch). I recently came in contact with a good editorial reviewer, who I plan to hire to clean up the site and reduce the errors. I know those errors come from my lack of English Grammar and punctuation knowledge.
      Hopefully the content provided on this site will make up for these errors.

      P.s. text is cleaned up now :-)

      Reply
      • Irritated with petty people says

        July 4, 2012 at 6:25 am

        Bill: Perhaps you should refine your own sentence structure and semantics before you waste time posting criticism. Perhaps also you might learn that spell check is spelled properly by writing it in two words. Perhaps you need to wash your windows in your glass house.

        Thank you Herbert-Jan for your post.

      • Herbert-Jan van Dinther says

        July 7, 2012 at 10:41 pm

        @Irri: In Bill’s defense, there where some pretty horrible errors in this post before, so his comments were valid, the post was edited afterwards.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Advertisements
Elegant Themes - Premium WordPress Themes

Get Free Updates!

New Articles right into your inbox, sign up for free now!

P.s. I won't Spam You or Sale Your Mail Address

FTC Disclosure

Disclosure: Please assume that any outbound link is an affiliate link, which means we may receive a commission in the event you click a link and make a purchase. Just so you know, affiliate links do not result in you paying a penny more. Read more...

Start Your WordPress Site!

Get your own WordPress site started::
  • 1. Get Website Hosting.from GreenGeeks.com and use their easy WordPress installation script.
  • 2. Get a Cool WordPress Theme, I recommend themes from
    StudioPress.com and Elegant Themes
  • P.S. This site is build on Metro by StudioPress.

Popular Articles

  • 7 Tips to Customize WordPress Twenty Eleven Theme
  • How To Make WordPress Look Like a Website
  • How to Build a WordPress Website
  • How To Upgrade Old Version of WordPress
  • WordPress Introduction
  • Basic Theme Header Changes
  • An Easy Way to Install a WordPress Website
Advertisements
Elegant Themes - Premium WordPress Themes

Topics

  • Weblog News
  • WordPress Blog
  • WordPress CMS
  • WordPress Plugins
  • WordPress SEO
  • WordPress Setup
  • WordPress Themes
  • WordPress Video

Footer

Most recent Articles

  • Spice Up Your Site With WordPress Shortcodes Ultimate
  • Keeping WordPress Up To Date and Secure
  • How To Upgrade Old Version of WordPress
  • 20 Basic WordPress Plugins for Your WordPress Website
  • 7 Tips to Customize WordPress Twenty Eleven Theme

StudioPress WP Themes

Advertisements
StudioPress Theme of the Month

WordPress Themes

Elegant Themes
StudioPress.com
ThemeForest
Mojo Themes

Copyright © 2023 Build a WordPress Website · Design Metro Theme by StudioPress