10 tricks to increase the security or security of the WordPress CMS – My post this time is about tricks to improve the security of the WordPress website which I am currently using, we know WordPress as a strong CMS and of course many users, but hackers are also not likely to break it. for that I will provide tips and tricks to increase the security or security of your favorite WordPress website.
1. Use a strong password
Use a strong password, of course, a password that is more than 6 characters and combine it with numbers or other special characters so that it will be difficult to guess, with a strong password at least will make it difficult for tools that randomize your WordPress password.
2. Use Captcha in the login area
Install the captcha plugin to login to your WordPress area, so that those who log into your admin page are really human 🙂. You can download the captcha plugin for your WordPress login area here.
3. Always Update WordPress
WordPress is an open source CMS, of course everyone can see scripts from WordPress without being covered in the slightest and a platform must also have bugs, therefore update your WordPress frequently, because it can cover bugs that may exist in previous versions of WordPress.
4. Always update Plugins
WordPress provides so many plugins that you can use to help build your site, and these plugins are of course very vulnerable to bugs, but for plugin developers of course some will provide updates to their copyright plugins, if there are plugins that need updating then update after your plugins.
5. Turn off the Theme Editor and plugins
define( 'DISALLOW_FILE_EDIT', true );
WordPress allows you to edit scripts from templates and plugins that you use live on your dashboard, but to keep it from being edited if someone breaks or someone wants to deface your website I suggest turning off the editor’s feature by pasting the code below in wp-config.php file.
6. Install Wp Better Security Plugins
Use the Wp Better Security plugins or now known as iThemes Security which you can download here, because these plugins are very cool that can provide security and advise you to secure important things that are very vulnerable to attacks on your WordPress security side, there are so many capabilities of these plugins, from moving the contents of the wp-content folder to changing the url your login and much more. for its use I will post about how to use the complete iThemes security plugins here.
7. Hide the WordPress Version
Hiding the version of WordPress can make someone trying to break into your WordPress website, because maybe hackers will first see what version of WordPress you are using, and maybe hackers know the WordPress bug in a certain version.
8. Change the Login Username
Don’t forget to change your username, don’t use the username “admin” which is the default WordPress username when installed and also change the same username as the author name or your domain name. Use a unique username that is difficult to guess.
9. Always Backup Website & Database
Always back up your website and database regularly, make a schedule to back up your website and database, because that way you won’t lose the files or posts that you have built if something happens.
10. Block Plugins and Other Directory Access
To do this directory access blog, create an index.php or index.html file, but WordPress also creates it automatically in its source file. And here are the contents of the files you need to enter to block plugins directory access and more.
<?php // Silence is golden. ?>