WordPress Themes, Plugins, Tutorials, Tips And More...

Tag: Security Page 1 of 2

WordPress Security Plugin by ThreatPress

If you are having trouble keeping your WordPress website safe, then there is the WordPress Security Plugin by ThreatPress for you. This plugin is light weight, but at the same time it is one of the most powerful tools when it comes to securing WordPress sites.

To add extra armour to your site, this plugin comes with accessibility to ThreatPress Database and ThreatPress Scanner. These two plugins are responsible in making the WordPress security plugin light weight and lightning fast. With the aid of these resources the Security plugin uses minimum server resources, works at supersonic speed and is light weight.

Here are a few things that you will be able to do with the ThreatPress Plugin

  • Check your WordPress site, plugins and themes against the ThreatPress Database for any inconsistencies. You can command manual checks and set periodic checks as well.
  • Apart from that, the ThreatPress Site Scan will scan your site status against several databases including like Google Safe Browsing, Phishtank, Malware Domain List and Spamhaus-ZEN.
  • The plugin checks the integrity of your site core by checking all core files of any installation. This thorough policing does not allow any malware to go undetected in any WordPress file.
  • With all these options available, you can still command them manually rescheduling any test again. Apart from that the Security plugin also gives you a lockout function that helps you to secure your site from sheer brute force as well as vicious password picking attacks.

Download

Best WordPress Security Plugins

Security

Security plays an important role for one’s site. Whether you are running a whole new website or you are running a decade old website, it needs to be secure at first. Well here in this article, we have rounded up the best of WordPress security plugins which you can opt for using it out in your website.

WP Security Audit Log

The plugin keeps a WordPress audit log of all users’ changes and other under the hood activity.

More Info | Download

6Scan Security

The plugin provides comprehensive enterprise-grade security with frequent site scans, powerful firewall, automatic backup, web analytics and much more.

More Info | Download

iThemes Security (formerly Better WP Security)

The plugin is the easiest, most effective way to secure WordPress in seconds.

More Info | Download

All In One WP Security & Firewall

The plugin is a comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.

More Info | Download

Sucuri Security – Website Firewall (CloudProxy)

The plugin is a subscription based WAF and Cloud-based IPS designed to provide optimal security to everyday website.

More Info | Download

Acunetix WP Security

The plugin scans your WordPress installation for security vulnerabilities.

More Info | Download

Acunetix Secure WordPress

The plugin scans your WordPress installation for security vulnerabilities.

More Info | Download

Centrora Security

The plugin protects your WordPress site with Centrora Security. It also recommended for multiple sites security management.

More Info | Download

Wordfence Security

The plugin is a free enterprise class security and performance plugin which makes your site up to 50 times faster as well as more secure.

More Info | Download

BulletProof Security

The plugin is an effective, reliable, easy to use which protects your website very well.

More Info | Download

Sucuri Security – Auditing, Malware Scanner and Security Hardening

The plugin is a security toolset for security integrity monitoring, malware detection and security hardening.

More Info | Download

Login Security Solution

The plugin locks down login security for multisite and regular WordPress installations.

More Info | Download

Page Security by Contexture

The plugin allows admins to create user groups and set access restrictions for any post, page or section.

More Info | Download

Best Of WordPress Security Plugins

Security

Unless and until your website is secured enough, it will be in high risk either to get hacked or tackled or even something more. While one definitely considers putting up security measures to protect the site, one can use the available WordPress security plugins for their website.

Wordfence Security

The plugin is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.

More Info | Download

BulletProof Security

The plugin lets you protect against 100,000s of different attacks. Moreover it also offers WordPress database backup and protection.

More Info | Download

WP Security Audit Log

The plugin identify WordPress issues before they become a security problem by keeping an audit log of users and all of the under the hood WordPress activity.

More Info | Download

6Scan Security

The plugin provides comprehensive enterprise-grade security with frequent site scans, powerful firewall, automatic backup, web analytics and much more.

More Info | Download

iThemes Security

The plugin gives you over 30+ ways to secure and protect your WordPress site.

More Info | Download

All In One WP Security & Firewall

The plugin offers a comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.

More Info | Download

Centrora Security

The plugin protect your WordPress Sites from attacks and hacking. The built-in Malware and Security Scanner helps you identify any security risks, malicious codes, spam, virus, SQL injection, and security vulnerabilities.

More Info | Download

Acunetix WP Security

The plugin scans your WordPress installation for security vulnerabilities.

More Info | Download

Login Security Solution

The plugin offers a simple way to lock down login security for multisite and regular WordPress installations.

More Info | Download

WebsiteDefender WordPress Security

The plugin helps you secure your WordPress installation and provides detailed reporting on discovered vulnerabilities and how to fix them.

More Info | Download

Ultimate Security Checker

The plugin helps you identify security problems with your wordpress installation. It scans your blog and gives a security grade based on passed tests.

More Info | Download

Best WordPress Security Plugins

Security

While working over the website, security is must although one can consider choosing one-to-many plugins available for the purpose but the question is what THE BEST plugins are. Well here in this article, we have collected the best WordPress security plugins for you.

Acunetix Secure WordPress

The plugin scans your WordPress installation for security vulnerabilities.

More Info | Download

Total Security

The plugin checks your WordPress installation and provides detailed reporting on discovered vulnerabilities, anything suspicious and how to fix them.

More Info | Download

Login Security Solution

The plugin provides security against brute force attacks by tracking IP, name, password; requiring very strong passwords.

More Info | Download

Htaccess Secure Files

The plugin allows securing files in WP’s media library to be only accessible to users with specific roles, capabilities, or IP addresses.

More Info | Download

WebsiteDefender WordPress Security

The plugin helps you secure your WordPress installation and provides detailed reporting on discovered vulnerabilities and how to fix them.

More Info | Download

Page Security by Contexture

The plugin allows admin to create user groups and set access restrictions for any post, page or section.

More Info | Download

Wordfence Security

The plugin is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.

More Info | Download

BulletProof Security

The plugin protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection… hacking attempts.

More Info | Download

WP Security Audit Log

The plugin identify WordPress issues before they become a security problem by keeping an audit log of users and all of the under the hood WordPress activity.

More Info | Download

OSE Firewall™ Security

The plugin powered by ProWeb. It protects your WordPress Website from attacks and hacking.

More Info | Download

All In One WP Security & Firewall

The plugin is a comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.

More Info | Download

Jumpple Security

The plugin protects your website against technical, content or any other issues that may occur.

More Info | Download

Better WP Security

The plugin takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site.

More Info | Download

Best WordPress Security Plugins

Security

Securing the website is one such important task which every website owner thinks at first stage itself. There are number of things in- and around- which will leads towards creating a mess for the whole of the website in one single go. Well, thanks to WordPress, more and more security plugins are coming into existence and considering the same on thought, today, we will be sharing you the best available WordPress security plugins with you.

Wordfence Security

The plugin is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.

More Info | Download

BulletProof Security

The plugin protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection… hacking attempts.

More Info | Download

WP Security Audit Log

The plugin identify WordPress issues before they become a security problem by keeping an audit log of users and all of the under the hood WordPress activity.

More Info | Download

OSE Firewall™ Security

The plugin powered by ProWeb. It protects your WordPress Website from attacks and hacking.

More Info | Download

All In One WP Security & Firewall

The plugin is a comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.

More Info | Download

Jumpple Security

The plugin protects your website against technical, content or any other issues that may occur.

More Info | Download

Better WP Security

The plugin takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that as many security holes as possible are patched without having to worry about conflicting features or the possibility of missing anything on your site.

More Info | Download

Acunetix Secure WordPress

The plugin scans your WordPress installation for security vulnerabilities.

More Info | Download

Total Security

The plugin checks your WordPress installation and provides detailed reporting on discovered vulnerabilities, anything suspicious and how to fix them.

More Info | Download

Login Security Solution

The plugin provides security against brute force attacks by tracking IP, name, password; requiring very strong passwords.

More Info | Download

Htaccess Secure Files

The plugin allows securing files in WP’s media library to be only accessible to users with specific roles, capabilities, or IP addresses.

More Info | Download

WebsiteDefender WordPress Security

The plugin helps you secure your WordPress installation and provides detailed reporting on discovered vulnerabilities and how to fix them.

More Info | Download

Page Security by Contexture

The plugin allows admin to create user groups and set access restrictions for any post, page or section.

More Info | Download

Reviewed – Better WP Security Plugin

Introduction

You completed building your WordPress blog, but still feels that something got missing – what is it? It’s the questions which coming up in your mind. Questions like “Is my WordPress blog secured?” Do I have the best WordPress Security Plugins installed?” “Do my blog contain no security risks?” There are one-to-many things involved which staining in and around your WordPress blog. The best bet to avoid such risk is with the use of some good security WordPress plugin.

Better WP Security Image - 1

There are numerous security plugins available out there – some are good in performing one task and some are good in performing others – but what if one gets all the things in one single box of goodies, the security plugin which can do most of your work. I have been sharing as well as reviewing to ease your job a very good WordPress security plugin, Better WP Security plugin. The plugin is good, efficient and completes the entire task which one looking onto security perspectives.

With one-click activation for most features as well as advanced features for experienced users Better WP Security can help protect any site. The plugin takes the best WordPress security features and techniques and combines them in a single plugin thereby ensuring that there will be no security holes out there in your site.

Better WP Security Image - 2

Features

  • Scan your site to instantly tell where vulnerabilities are and fix them in seconds
  • Ban troublesome bots and other hosts
  • Ban troublesome user agents
  • Prevent brute force attacks by banning hosts and users with too many invalid login attempts
  • Strengthen server security
  • Enforce strong passwords for all accounts of a configurable minimum role
  • Force SSL for admin pages (on supporting servers)
  • Force SSL for any page or post (on supporting servers)
  • Turn off file editing from within WordPress admin area
  • Detect and block numerous attacks to your filesystem and database
  • Detect bots and other attempts to search for vulnerabilities
  • Monitor filesystem for unauthorized changes

Better WP Security Image - 3

  • One-click protection
  • Create and email database backups on a customizable schedule
  • Make it easier for users to log into a site by giving them login and admin URLs that make more sense to someone not accustomed to WordPress
  • Detect hidden 404 errors on your site that can affect your SEO such as bad links, missing images, etc.
  • Works on multi-site (network) and single site installations
  • Works with Apache, LiteSpeed or NGINX (NGINX will require you to manually edit your virtual host configuration)
  • Some features can be problematic if you don’t have enough RAM to support them. All my testing servers allocate 128MB to WordPress and usually don’t have any other plugins installed. I have seen issues with file check and database backups failing on servers with 64MB or less of RAM, particularly if there are many other plugins being used.

Download, Installation & Configuration

Better WP Security Image - 4

  • Backup your WordPress database, config file, and .htaccess file
  • Upload the zip file to the /wp-content/plugins/ directory
  • Unzip
  • Activate the plugin through the ‘Plugins’ menu in WordPress
  • Visit the Better security menu for checklist and options
  • If in case you don’t want to configure Better WP Security yourself but still want to make sure your site is secure as possible? You can purchase premium installation and configuration for Better WP Security.

Summary & Review

Better WP Security is an easiest and most effective way I have ever found to secure WordPress. The plugin will improve the security of any WordPress site you own or linked up in seconds. It includes the best WordPress security features and techniques on board one thinks of. I recommend to use the plugin as it will let you make your site secure in better ways.

Note:

1. Is your product the Next Big Thing? Wanna have the whole of world heard what you are coming up with via our website? We have two options for you to submit your WordPress-related product or service to be reviewed on JustWP.

More Info | Free Submission | Speedy Submission

2. Like the post, then make sure you do follow and like us on both Twitter and Facebook.

Reviewed – Automattic’s VaultPress Backup, Security And Support Service

Introduction

Running a huge big blog or a website always brings security risk from time-to-time. Whether it would be by mistake or done by some intentions, losing the whole of your blog or its content or databases is a huge loss. But, do you know you can prepare yourself well in advance before any such thing comes in front of you. Simply backup everything as who knows what will come in front of you.

VaultPress - 1

Although there are plenty of plugins available out there which will backup everything you have on your website, but the most popular of these services is VaultPress and just it happens to be run by Automattic. Automattic launched VaultPress back in March 2010 and since then the time; the service gained a whole lot of positive reputation amongst the users as well as WordPress community.

Initially just like other products, the service launched as an invite-only service, but since then it has opened its door for the common public offering three tiers of paid subscriptions: VaultPress Lite, VaulPress Basic (the popular one) and VaultPress Premium. All are charged on monthly basis and provide various features accordingly.

Features & Pricing

As just mentioned that the service comes under three hoods: Lite, Basic and Premium. They all includes and brings different features to the users. As opting for way up the tiers you will gain more frequent and better backups option, better support response times, disaster recovery, security scanning and lots more. You can purchase either of VaultPress subscription on a per site basis means if you have more than one site, you have to purchase an additional subscription for that.

VaultPress - 2

Subscriptions are managed via a WordPress.com account while if you don’t have the one, then you will need to create one. On understanding differences between the three, you will find real-time backups as compared to daily backup, disaster recovery as compared to 30 days backups. Here on JustWP.org we are using VaultPress Basic but if you are happy with daily backup, automated site restore, 30 days of backup, then VaultPress Lite will be the right option for you.

Download, Installation & Configuration

The Basic

  • If you already have a WordPress.org account, you can link it to VaultPress else you need to create the one.
  • You have to select and buy the subscription pack from the three options available: Lite, Basic and Premium
  • Once you make the purchase and the payment is successfully done and the credit card is charged, you are asked to enter FTP credentials. These data will be used to recover your website while this step can be done later.

VaultPress - 3

Download

The VaultPress plugin must be installed and activated before you can access your dashboard. You can download the plugin either via VaultPress website by the link here or through WordPress plugin respiratory.

Install

Install via the WordPress Admin

  • While signed in to your sites WordPress Admin, browses to the Plugins section, and click on Add New.
  • Click on Upload near the top of the page. Then click on the Choose File button and select the vaultpress.zip you downloaded from your VaultPress Dashboard. Finally, click the Install Now button.
  • WordPress will now upload and install your Plugin. Once the installation of your Plugin has finished click the Activate Plugin link.
  • Once activated, you’ll see a persistent message from VaultPress letting you know that your setup is not complete. Click on the Register VaultPress button.

VaultPress - 4

Install via FTP Upload

  • After downloading the plugin from your Dashboard, you’ll need to unzip it.
  • Using an FTP application upload the unzipped plugin to the wp-content/plugins/vaultpress/ folder.
  • Sign in to your site’s WordPress admin, and browse to the Plugins section. You should see VaultPress listed under Inactive plugins. Click on the Activate link.

Configuration

  • If you’ve registered VaultPress on your site before, your registration key may already exist. If this is the case, you’ll see a slightly different message, and your site will begin backing up immediately.
  • On the VaultPress section of your WordPress admin, you will need to enter your registration key.
  • You can find your registration key in your VaultPress Dashboard or in your welcome email. Your registration key is valid for one site.
  • After registering your plugin, VaultPress will immediately begin backing up your site. If this is your first time installing VaultPress on your site, you’ll see the status report for your initial backup.

VaultPress - 5

Summary & Review

I have been using the VaultPress plugin for now more than two years – the first time I used it for JustWP.org’s sister blog I2Mag and till now I never got any problem with it. The team behind VaultPress is very impressive and response back in fair enough time. Using the service makes me feel at peace as now I don’t have to think much on how the things are going at the backend and if there any security issue, data loss, malware or any other potential threats comes on board.

The other best part I like about it is that the service is remarkably easy for those also who are not tech savvy and feel shy about using and trying new technology. Using VaulPress means I am getting a full locked backup, security and support solution from one source itself and all that at a nominal cost. I highly recommend signing up for VaultPress for a month (at least) and see if you like it while if in case you don’t, then there is always an option available for cancelation of your subscription.

Note:

1. Is your product the Next Big Thing? Wanna have the whole of world heard what you are coming up with via our website? We have two options for you to submit your WordPress-related product or service to be reviewed on JustWP.

More Info | Free Submission | Speedy Submission

2. Like the post, then make sure you do follow and like us on both Twitter and Facebook.

Hardening WordPress Security: Monitoring

Monitoring

After discussing two of the main realm of WordPress security – Understanding Vulnerabilities and Securing – today we are moving towards the final process of understanding how we can monitor the whole of our set system as sometimes, only taking precautions can’t help us out and in that time, we have to consider the third option, monitoring. This means that sometimes prevention only not worked out here and there are chances that you may still be hacked, at that time intrusion detection/monitoring plays an important role. It lets you allow reacting faster, understanding better that what’s in actual going on behind the scene and how and in what ways you can recover your site.

Note: If you missed out first and second part of this three-part series, then you can read it at – Hardening WordPress Security: Understanding Vulnerabilities and Hardening WordPress Security: Securing.

Suggested Readings:

#1 Monitoring Your FTP Log Files

If you are on shared or reseller hosting, then you probably don’t have access to the FTP logs files for your account and in that case you need to talk with your hosting provider to provide you the one while if you are on VPS and Dedicated Server, then you have higher authorities with you and you can access your FTP log files which are located at the /var/log/messages directory.

#2 Monitoring Your Apache Log Files

If you are on shared or reseller hosting, you can have an access of your apache log files by logging onto your cPanel followed by clicking on the Error Log icon. The file contains the last 300 Apache errors which have been triggered by your website.

If you are on VPS or dedicated server without a cPanel installation, then you can get the log files in the /var/log/ directory while the apache log would then be located in the /var/log/httpd/ directory. If the server you are using comes with cPanel installs, the actual location of the Apache error log is /usr/local/apache/logs/error_log, where “error_log” is simply a plain text file.

#3 Monitoring Your Web Server Externally

If an attacker tries to add malware or deface your site, you can also detect these with the help of web-based integrity monitor solutions. In order to find the one such solution, all you have to Google it by looking onto Web Malware Detection and Remediation and the list will be there in front of you.

Photo Credit: Flickr/Keith Cooper

Hardening WordPress Security: Securing

Secured

Earlier I discussed about the various vulnerabilities which can harm your WordPress installations, including in the Computer, in the WordPress, in the Web Server or even in the Network. The idea is simple that there are one-to-many possibilities which leads to possibly harm and even in the worst case brings the whole of your work to a dead stage. So, what we can do to make the system secure, here again there are many things you can perform in order to safeguard the system, but still isn’t what one particular thing makes a perfect fit for you which not only makes your WordPress security strong but also make it hard to crack by anyone.

Note: If you missed out the first part of this three-part series, then you can read it at – Hardening WordPress Security: Understanding Vulnerabilities

Suggested Readings:

Securing

#1 By Strong Passwords

If you are having or keeping a strong password, then you are already in a step one of avoiding potential vulnerabilities which can possibly harm your installation. A strong password is one such an important task that you have to keep it up at first place, as its not only just a password but a lifeline of you to protect your site from vulnerabilities and hackers.

The stronger the password is, the better it make hard for the people to guess and even hard for a brute force attack to succeed. It will be always a good idea to use automatic password generators service such as MSD Services. The better the password you create, it lessen the chances for anyone to even think of it.

Moreover WordPress also having a password strength meter feature which when you put up your password in WordPress, it will show you up how strong your password is. A strong password not only just to protect your blog content, but also keep hackers away to install malicious scripts which can even result in compromising of your whole of server.

#2 Via FTP

Always use SFTP encryption whenever you connect to your server. Although the majority of you had never heard of what SFTP is? Well, SFTP is just like that as FTP, except the password and other data you put in will get encrypted as it’s transmitted between your computer and your website. This means your password is never sent in the clear way and it can’t be intercepted by a hacker. If in case you are unsure on how to get the one, you have to ask your web hosting provider about SFTP and they will guide you further on this.

#3 By File Permissions

You must be aware enough if you are an intermediate WordPress user that WordPress does allow to restrict the person to read, write, modify or access your WordPress filesystems as various files to be writable by the web server itself. While if any of such allowance can one have on writing access to the files will result in potentially dangerous, mainly in shared hosting environment.

It is always best to lock down your file permissions to as much as best extend you can while also loosen those restrictions in which you think you will be in need to allow writing an access or creating specific folders which will be having less restrictions for the purpose like uploading files.  The better the file system you have the better protection you set for your blog or site.

Suggested Reading: How To Change The File Permissions In WordPress?

#4 Securing Database

If you are running more than one blog on the same server, it will be good on considering keeping all of them in different databases each will be managed by different set of users. The best practice is to do all this step at the very same time when you perform your initial WordPress installation. As if all the databases are under one umbrella, then if an intruder successful in cracking one WordPress installation, then it will not be much hard to alter all of your other blogs. Make sure you understand your MySQL configuration well if you administer MySQL yourself while do make a note that your all un-required features are disabled.

Suggested Readings:

#5 Securing wp-admin

It is always good to add a server-side password protection to yours /wp-admin/ by adding a double protected layer around your blog’s admin area, the login screen as well as your files. Doing this will give an edge to an attacker or bot to attack as now it has to crack not one, but two security layers instead of just your actual admin files.

Possible Attacks:

  • Sending an old/outdated Plugins and software (HTTP requests) to your server with specific exploit payloads for specific vulnerabilities.
  • Gaining access by using “brute-force” password guessing.

#6 Securing wp-includes

WP-includes can be secured on adding where scripts are generally not intended to be accesses by any user. All you have to do is to block the script using mod_rewrite in the .htaccess file. In order to do so, make sure you add the code below outside the #BEGIN WordPress and #END WordPress tags in the .htaccess file while remembering that WordPress can overwrite anything between these tags.

#7 Securing wp-config.php

To secure your wp-config.php file, make sure you move the file to the directory above your WordPress install, means you store wp-config.php file outside the web-root folder. Also make a note here that only you and of course your web server can read this file while using the code below can deny access to anyone who is trying to surf it.

#8 Disabling File Editing

The WordPress by default allows your blog admin to edit PHP files, including both the theme files and plugin which is the first thing that interest attackers who are able to gain access in your site. But, using the code below, you can even disable editing from your Dashboard itself. Place the code in wp-config.php will lead on stop allowing the users the capabilities to edit any of theme or plugin files.

#9 Plugins

Always make sure that all the Plugins you are using are updated while those are not in use, and are inactive, it’s better to delete them permanently from the system.

Photo Credit: Flickr/Michael Coghlan

If you like the post, make sure you do share your views via the comments below and also like and follow JustWP.org on Facebook and Twitter.

Hardening WordPress Security: Understanding Vulnerabilities

Security Cameras

We did earlier talked about on how to secure WordPress in different ways, but now taking the things to a step further. It’s best to understand different vulnerabilities which can affect your WordPress installations. There is no hard and fast rule which says I am secure but understanding, taking precautions and moreover taken serious steps only will leads towards a secure system. The idea on writing this article is not about detailing each and everything in one single go, but to divide the whole of thing in three parts: Understanding Vulnerabilities, Securing and Monitoring. In this article, we will be going to discuss about what various potential vulnerabilities are there which can harm or even make a huge big mess of your WordPress installation.

Security – What it is?

Although one can think of straight away that security is something about having secure systems, but in actual it’s more than that. The definition of security is to protect the privacy, integrity and availability of the resources under the server administrator’s control. The one, who is taking direct care of have to readily discuss security concerns, provides the server software most recent stable versions as well as offers reliable backup and recovery methods.

Suggested Readings:

The Basics

  • Security Themes: Always keep some general ideas over considering security for every aspect of your system.
  • Limiting access: Reduce possible entry points which are available to a malicious person.
  • Containment:  Your system being set in such a way so that it will minimize the damage which can be done in the event if it gets compromised.
  • Preparation and knowledge: Always keep your WordPress installation backup ready at regular intervals.

Vulnerabilities

#1 In The Computer

The computer you are using might be a home to hundreds (or even thousands of) spyware, malware and virus infections. You have to make sure that computers you have been using must be free from of all of them. Not even a single security amount in WordPress or on your web server will make even a small difference if the keylogger found on your system. Double check (or even if you still have doubt, triple check) that your web browser, operating system and software all are up to date.

#2 In The WordPress

Although WordPress is so good enough that if you are having an older version of installation, then it will showed up a message saying that the latest version is available and it’s good to install it. Always make sure that your WordPress have to be of latest version upload as it saves you from the D-day. The folks behind WordPress – an open source platform isn’t made from the knowledge of all of us – always keep its focus on updating regularly to address new security issues wherever it may arise. Also remember if you are still running on older version, then better update it to latest version today as older WordPress version not maintained with new security updates.

Suggested Reading: Updating WordPress – Will It Make My Site A Mess?

#3 In The Web Server

Although there are less chance that you might heard of this, if you are not at least an intermediate WordPress user – but there are also chances that the web server running WordPress and software running on it, can be the victim of vulnerabilities.

This means that it would be uttermost important that you would be running secure, stable versions of your web server as well as software over it, and make sure that you are using a trusted hosting provider which will be taking an extra care of it from the backend.

To note here that if your site is running on shared server (with total of 30 other websites on same server) and badly one of website gets compromised, then result of which your website can potentially be compromised too. Make sure you keep a note on with your web host on asking and discussing which security precautions they are taking.

#4 In The Network

Make sure that the network on both the WordPress server side as well as the client network site will be the trusted one. This can do by updating firewall rules both on your home router as well as by the networks on which you work from. Remember sending passwords from Internet cafe which have been using an unencrypted connection, wireless or other is not a trusted network. Your web host should be making double sure here that their network is not compromised by any types of attacks and the same you should do too.

Note: In the second-part of this three-part series, we will discuss about how you can secure your WordPress security.

Photo Credit: Flickr/Jaymis Loveday

Page 1 of 2

Powered by WordPress & Theme by Anders Norén