Tips to increase security of a WordPress site


As we probably know today WordPress is the most popular for website development and blogging system with more than approx. 60 million websites (BuiltWith, 2013 and Coalo, J.J, 2012). If you are also using WordPres then security should be your primary concern as WordPress is a target for hacking attacks. If a WordPress site is hacked then apart from losing data, downtime can be expensive and have negative impact on business. So having a WordPress site means that one has to be careful protecting it from hacking. Below, some tips would be helpful reducing the risks for attacks to WordPress sites.

1. Preventing unauthorized access into admin page
Normally the default admin dashboard panel login is “wp-admin” and hackers have tendency to look for websites using the default username. This makes it easier for someone who is trying to access your website unauthorized. So you should install a plug-in to change the address of back-end login.

2. Use of strong password
Also use of strong password is recommended and not to “admin” as a user name. Password should be of minimum 8 characters with combination of uppercase and lowercase letters, numbers and symbols.

3. Update WordPress regularly
Every new release of WordPress contains patches and fixes that address real or potential vulnerabilities. It is recommended to update your WordPress version regularly with the new version to avoid attacks. Hackers sometimes intentionally target older versions of WordPress with known security issues, so better to keep it updated.

4. Limit the login attempts.
It will also be a good idea to limit the sign-in attempts, so after certain amount of tries with wrong credential, IP accessing will be auto-locked.

5. Disable file editing via the dashboard

Default WordPress installation allows you to Appearance > Editor and edit any of your theme files right in the dashboard. For some reasons, if a hacker managed to gain access to admin panel, they could also edit any of the system files, and execute whatever code they wanted to. So it is always recommended to disable this method of file editing. This can be done by simply adding the following to your wp-config.php file:

define( ‘DISALLOW_FILE_EDIT’, true );

6. Delete unnecessary plugins
Using many plugins at the same time is also a reason leading to attacks because one cannot control all of them and these plugins may not work well together. One should un-install or deactivate all unnecessary plugins which is not required by your site.

7. Use security plugins
Apart from implementing above measure to prevent your site from attacks, there are lot of plugins available which can be installed to reduce the chances of site being attacked.

8. Keep a backup

Last but not least! It is very important to do a regular back-up of your website. Even with the best security measures have been implemented on the site, one never know when something unexpected could happen that might leave your site open to an attack and you may have to go back to a back-up. By having latest back-up which can be easily restored in case if site is attacked.

To learn more and request information, please visit:

Leave a Reply


Bookmark Us

Delicious Digg Facebook Favorites More Stumbleupon Twitter


About us

About UsinstaCommerce is a fast, easy to use and powerful ecommerce and content management website service that Internet enables your business. This means that using instaCommerce, not only do you get your business online quickly, you also receive a powerful website that will expand as your business grows. instaCommerce does everything you would do in your day to day business, including discounts, special offers, coupons, online payments, shipping & handling and taxes. instaCommerce also brings a host of benefits to your website. These include features that allow you to extend special offers to your customers, keep in touch with them and quickly process orders and queries.
downloads online movies