If you are not sure of their website's security settings or not, check out the tips below, and even if you do not do.
==> 6 Simple Tips to Secure WordPress
1. Do not use the account name "admin"
After many tests and supported many people, I noticed that a lot of people named administrator account with the website name is "admin", "administrator". This indeed is a disastrous mistake.
The use of usernames popular style this insecure world is by now have some form of attack is the Brute Force Attack; means to continuously log on to your website with a list of accounts and passwords available that a hacker has somehow been.
Therefore, the common account as "admin" can easily be found via password Brute Force Attack this form. Once installed, the website should set yourself a real difference username and unpredictable as a "thachdeptrainhatvietnam" for example.
If you have missed taking a username named "admin", do not worry, you can use the plugin WPVN - Username Changer to change directly from the user.
2. Use complex passwords
Like the use of username is "admin", the use of a password is too simple may be susceptible to other forms of attack detection Brute Force Password Attack detected after a certain time.
Ideally, place the password include uppercase letters, numbers and special characters are the best. You do not need to worry too much about not being able to remember this password, you can use software such as LastPass, StickyPassword to save passwords and automatically log on to the next.
Tips: Use Strong Password Generator to generate strong passwords.
3. Update the plugin, theme, WordPress to the latest version
One piece of advice that is also very important to regularly update the version of the plugin, WordPress and the theme you are using on the website to the latest version. So probably older versions exist some pink hole "fatal" to the timely update you will avoid the risk of it.
The updated plugin, WordPress version is extremely simple, that's when it will have the new version announced and displayed on the website, in which selected it automatically updated to the new version before.
4. Use the host quality
If you are using the normal host services (Shared Host) it is important to use the host at suppliers to ensure the most.
Because Shared Host packages are located on the same server, but just one website in the collective website on servers infected with malicious code, the website will also have the risk of intrusion in the form of Local Attack .
Therefore, you should choose the services that host the prestigious sending instead of using the vendor at the user, has not been verified.
References: 7 Shared Services Host Best WordPress.
5. Stay away from the null - piracy
Products null they are saying here is that products such as premium paid plugins, premium themes are shared widely publicized in some specialized website to share these items.
You must know that the use of premium products that are not only share such serious violations of the rights issue, you are directly put her closer to malware.
A study has shown that the majority of the null rampant on the Internet today are malicious, and it may be illegal exploitation of natural resources your host, insert hidden or worse backlink is knocked out.
6. Avoid CHMOD 777
If you only heard CHMOD not quite understand it, but then drill to learn because it is quite lengthy, but I just need to know that you avoid the CHMOD the folder to 777. With 777 decentralized setting, ie you're set that folder with a maximum aperture makes every user on the server has the right to write / delete / executable directory and the files inside, this is the reason for why you are suddenly made website malware is unknown background.
If you use the Shared Host, you should know that the best way to be ready CHMOD 755 for folders, 644 files. For the file wp-config.php sensitive, please CHMOD 444 or 440 or 400.
Epilogue
Above is synthesized 6 tips are important in your time administrator WordPress website to remember to avoid the unfortunate happen, but fortunately are 6 tips on easy implementation.
Post a Comment