Photo by Jason Bain
Every year the National Car Insurance Bureau releases its Hot Wheels list of the most-stolen cars in the United States. While the cars on the list change every year, they all share two characteristics: they are among the most popular cars out there, and they’re easy to steal.
If you use WordPress, you’re running the most popular content management system out there, which is great if you need themes, plug-ins, and other services. But, the downside is that every hacker out there knows the WordPress system in and out, making your site vulnerable to attack.
But as every owner of a Toyota Camry or a American-made pickup truck knows, if you think your site is vulnerable, you can protect it with extra security measures. Here are a few tips to make your WordPress site more secure.
Ward Against Brute Force
Even the best car security system can’t stop a thief with a bit of technical know-how and a rock. Web sites aren’t much different, and the so-called “Brute Force” log-in, where a hacker just throws thousands of passwords at your system in hopes that one is right, is among the most effective way to access your site.
There’s an easy way to prevent this: just limit the number of logins any one user can use to access your system. By installing a simple plug-in, Limit Login Attempts, you can stave off the simple-minded hackers who try to just force their way into your system.
Limit Editor Access
Even if you’ve kept your own username and password secure, your site contributors might not have taken the same precautions. In the default setting for WordPress, editors can change your site design, making it easier for someone to get into your system and change its theme. To prevent this from happening, make this simple modification in your functions.php file:
define ( ‘DISALLOW_FILE_EDIT’, true );
There’s No Place Like Home (to control your site)
The best—and worst—thing to happen to your personal website is for a post of yours to go viral, and attract visitors from around the world. At best, these new visitors will bring welcome attention to your site, and you can monetize this fame by selling more ads, more products, or both.
The downside, though, is that a vulture discovers the vulnerabilities in your newly popular site, and shuts it down for hours, even a day, causing you to lose out on thousands of potential customers.
One simple way to prevent this is to modify your .htaccess file for more detail in order to give even a small site the security you need. For example, by limiting access to your WP Admin directory to a single IP address (yours), you can stop all but the most relentless hackers.
Backup Your System
With a good hosting company, like A Small Orange, you can be sure that your site won’t crash when you need it most. But if you do happen to suffer an attack, having a good backup program ensures that you’ll be able to get all your content back in short order. While there are a number of WordPress-specific back up solutions, we like the free plug-in BackWPup, and, for a more sophisticated program, Backup Buddy.
Save 25% off your first month with us on any hosting package.
Just use the coupon code “FACETWEET” when you sign up with us.
Get started here!