In the online world, system security is very important to pay attention to, as well as for those of you as a blog or website owner you must also pay attention to the security of your site. If you are a WordPress user then this is important for you to implement. Because in this article I will provide easy tips to improve WordPress security, so that your WordPress site remains safe and protected from hack attacks.
5 Tips to Improve WordPress Security
In this post, we cover five quick and easy tips that you can apply today to secure your WordPress site.
1. Delete or Change Username “admin”
Username “admin” is the default name used by WordPress and is also very often used by most WordPress beginners. Username with the name “admin” is familiar and if you do not change it will make it easier for someone to potentially hack into your WordPress site.
Here’s how to delete the “admin” username:
- Feel free to create a new username on the “Users” menu and create a unique name that is not easy for others to guess. And make your username different from the username that will be displayed on the frontend of your WordPress site. Because if you don’t make any difference it is useless because other people can easily see it in the Author section of each of your posts.
- Create a strong password for the new user with several unique characters and a combination of letters, numbers and uppercase letters. And don’t forget to assign this new user the “admin” user role.
- After you have finished creating your new user, please log out and log in using the username and password that you just created. Then go back to the “Users” menu and delete your old username with the name “admin”.
2. Always update the core WordPress and All Plugins and Themes
Always take care to update to the new WordPress, WordPress Theme and WordPress plugin. Security vulnerabilities are often found and fixed as quickly as possible in new released versions. Keeping the WordPress core, plugins and themes up to date will help prevent security vulnerabilities on your site.
When you log into your WordPress dashboard, always see if you see a notification or notification in the admin bar at the top of the screen telling you the number of updates you need to make for your site. The example image above shows that there are 9 updates available for plugins and themes on this WordPress site. And updating WordPress is very easy, you just need to click update and everything will be done very quickly.
3. Remove unused Plugins and Themes
This is also important for you to do, by removing plugins and themes from your site that you don’t activate. You should really check if every plugin you use is useful to you. And if you find useless, delete it immediately. In addition, do not also collect useless plugins on your WordPress site, because this will be very bad for the smooth running of the WordPress site, and this is often done by novice WordPress users.
When you delete an unused WordPress plugin, make sure that it is completely removed, both from your site and database. Because some plugins leave information that is still left in your WordPress database. And read the article below about the best WordPress plugins that you must install.
4. Update Salt and Key regularly
WordPress also includes a secret authentication security key and a salt into your WordPress wp-config.php file. Salt WordPress is a random string of WordPress hash data as a security key that is placed in the wp-config.php file. Basically, these WordPress security keys are additional passwords for your site that are long, random and complex, making them nearly impossible to guess.
If you open an
wp-config.php You, you will see the Authentication Unique Keys and Salt with seven security key sections.
To make Salt and Key, please visit the link here.
And feel free to copy the salt and key to replace the salt and key that is already installed in your wp-config.php file.
5. Make sure to use strong passwords for each user
A strong password is a password that consists of several unique characters that are difficult for someone to guess and makes brute force attacks more difficult to crack.
When you create your password, be sure to set it like this:
- Create a password by including alphabetic characters and numbers, try more than one.
- Create a password including unique characters like (! @ # $% ^ & * ())
- Create a long password, at least 10 characters
- Create a password without including your name, date of birth, site name or names that are easy to guess.
Having a strong password is a little difficult to remember, but it’s better for you to make it than you have to lose your WordPress site.
Consider using WordPress Security Plugin. By using a good and competent security plugin, make the steps above easier. And your WordPress security is also even more powerful because the security plugin is made specifically to increase WordPress security as a whole in every important part of WordPress that is often targeted by hackers.
As an example of a plugin that I recommend is iThemes Security. You can use the free version of iThemes to try it out, and the free version alone makes your WordPress site much safer than ever. But if you feel you are lacking, then you can buy the pro version from iThemes security. iThemes Security will help you optimize WordPress security easily with just one click, there are several security optimizations you can do quickly and automatically. Anyone who is new or new to WordPress can have a secure site without overwork with the help of iThemes Security.
And those are some easy tips to improve the security of your WordPress site. Please apply the easy tips above to keep your WordPress site safe and don’t forget to use it best hosting so that your WordPress site is secure and running smoothly. Good luck 🙂