WordPress Security

You have come to the best place to learn more about web hosting. Sit back and enjoy our wonderful web hosting tutorials and become an expert in no time!
Post Reply
cllades
Posts: 2
Joined: Tue Nov 14, 2017 12:41 pm

WordPress Security

Post by cllades » Tue Nov 14, 2017 12:44 pm

Due to the popularity of WordPress it is often the target of hackers. It is a common misconception that WordPress is not a secure content platform but when managed correctly you should not have any security issues. This guide will provide you with all the information you need to keep your WordPress secure.


Brute Force Protection


Many WordPress attacks are done by trying to login to your admin area using many different passwords until they get a match. This is easily combated by using a brute force protection plugin, it will block access from the attacker's IP address for a period of time, blocking them from continuing to attack your site. You can even blacklist repeated offenders. The Brute Force Protection plugin is recommended.


Exploits


Attackers can force access to your site by exploiting bugs in old versions of WordPress, plugins and themes which have not been updated. It is recommend you update your WordPress installation when a new release is issued and keep your plugins and themes updated to the latest version. Keeping your WordPress updated is easy and only takes a few clicks when updates are available.

deskk
Posts: 2
Joined: Tue Nov 14, 2017 12:48 pm

Re: WordPress Security

Post by deskk » Tue Nov 14, 2017 12:49 pm

Exactly I often update my Wordpress version when a latest version is released.

Beside using a wordpress plugin, there is an alternative to stop Brute Force? What about pingpack and trackback? I heard that it helped hackers to attack WP sites, right?

radle
Posts: 1
Joined: Tue Nov 14, 2017 12:53 pm

Re: WordPress Security

Post by radle » Tue Nov 14, 2017 12:54 pm

Those tools could be useful for hackers yes.

An alternative to the brute force plugin would be to block access to WordPress admin page by using .htaccess to require a password to proceed to your admin login page.
This solution can also be used with a brute force plugin for an additional layer of security.

vbox
Posts: 1
Joined: Tue Nov 14, 2017 12:56 pm

Re: WordPress Security

Post by vbox » Tue Nov 14, 2017 12:57 pm

A very good post about WordPress security at KeyCDN blog here

But to answer to the thread, you should use a software solution like fail2ban instead of a plugin, as each plugin can be another security breach.

ilas
Posts: 2
Joined: Tue Nov 14, 2017 12:58 pm

WordPress Security

Post by ilas » Tue Nov 14, 2017 12:59 pm

If you host your website on a vps or dedicated server install config server firewall and comodo WAF ruleset. This will help preventing a lot of attacks.

buznoc
Posts: 2
Joined: Tue Nov 14, 2017 1:17 pm

Re: WordPress Security

Post by buznoc » Tue Nov 14, 2017 1:18 pm

great post thanks for this.. .good info...

Post Reply