Avoid WordPress Security Vulnerabilities – Quick And Easy Tips
January 8th, 2016 Tags: wordpress security vulnerabilities
Posted in wordpress plugins, WordPress Security, wordpress security vulnerabilities
Want to know how to avoid wordpress security vulnerabilities? Here's a quick security question for you. If you have a WordPress site and the username and password you use to gain access to it are Admin and Test (or password!, are you at risk for your website being taken over?
The answer is yes. What is said is you can have all security measures, all the fancy security plugins in place, but if your password is something that they can easily guess then you are leaving the door wide open.
That's why it's important to have a secure and hard to guess WordPress login and password. What can you do? Make sure your username is not the name Admin or Adminstrator, change that WordPress password regularly and use different passwords than you use for other WordPress or FTP sites.
Don't Use Admin As a Username
By default, when you set up WordPress it uses it with the username Admin, which means that when you login you type in the username Admin and some password. But this is giving the hackers half of the information they already need. If they already know that you are using this Admin, all they have left to guess is the password. And don't use something obvious like your first name, your first name and your last name or the title of the site.
But if your username is something meaningful to you but not obvious to strangers, now they don't know where to start with the username. And now potential intruders they are guessing about two different factors - your username and your password.
That's why even though WordPress, by default, sets your username as Admin, the first thing you should do is create a new user account and name it your first and last name, save it and then delete that original Admin account, that will cut down on a lot of automated attempts.
Change Your Password Regularly
Something else that is easy to do is change your WordPress password regularly. For example, once per month. This means that you are always thinking of some new thing to type, and some new password that someone might never guess, because you are changing it every month. You would be surprised at how many passwords consist of someone's name, child's name, or pet's name but if you are changing a password on a regular basis, adding in letters and numbers to it, now that's a password that no one will guess which means that no one will have access to your site other than you and the people you choose.
Finally, set different passwords than other WordPress blogs you own. Set a different password other than your email address or your FTP account. The problem with setting the same password for different accounts is if someone gets access to your WordPress site, now they have access to your website, your other WordPress sites, your email, your FTP, and so on. But if you use different passwords for WordPress, for email and for FTP that means if someone happens to gain access to your WordPress they don't have access to your other accounts.
WordPress Security Vulnerabilities Summary
In this article, we've looked at a number of common WordPress security vulnerabilities. We've seen that setting a secure WordPress login and password is easy. We've covered why you don't want to use Admin as your username, and the importance of changing your admin password regularly.
We saw how we must use different passwords for multiple WordPress blogs, for your email account and for your FTP account.
If you've read this article and want to know the next steps to keeping your WordPress website secure, why not request a chat about your security and perhaps how I can help you? Just fill in the form on http://wptrainingnow.com/blog/contact , and I'll be in touch.
CLICK HERE: Discover a New Solution To Keeping Your WordPress Site Up To Date
Leave a Reply