How to Secure Your WordPress Blog

August 06, 2015

WordPress is the most popular blogging and CMS system nowadays. With the powerful features and easy to use, WordPress is more and more used on the internet. WordPress’s popularity is making people worry about its security and put a question ” Is your wordpress blog secure?”. Having a WordPress site means that you have to take some extra efforts in order to protect your and your visitors data. All we know, not having a site is 100% secure and  a 100% secure website doesn’t exist. Understanding the problems, today Opal WordPress will share you an article of “How to secure your wordpress blog“. This blog will help you to get basic knowledge to protect your website yourself. However, these measures don’t guarantee a 100% protection against hacking attempts, but they will protect you against the majority of attacks. Please follow our tips to keep your blog safe!

Why Secure Your WordPress Blog?

A blog that has been hacked can suffer from loss of content, stolen data and expensive downtime. Maintaining the security of your blog helps you protect your reputation and provide your visitors with the best service possible. Because WordPress is such a popular platform for blogging, it’s a regular target for hacking attacks launched by people who find and exploit weaknesses and vulnerabilities in websites.

#1. Create a new account with a strong password

Most of the attackers will assume that your admin username is “admin”. They will log in and unluckily they can enter it easily. Therefore, the first thing is that you don’t use “admin” username, in stead you should create a new account you think it will be safe.  You can easily block a lot of brute-force and other attacks simply by naming your admin username differently. If you’re installing a new WordPress site, you will be asked for username during the WordPress installation process. If you already have a WordPress site, quickly go to Username and change your WordPress username. Don’t forget to put a strong password!

Golmart – Creative WooCommerce WordPress Theme Released


Live Demo Download

#2. Update WordPress versions

Second crucial step is to update it to the latest version, make sure that the WordPress software, themes and plugins are regularly updated with the latest patches and fixes. You should always make sure that your blog’s version is up to date. WordPress team creates patches to help fix security holes. Follow wordpress feed to find out about the latest updates or you could simply login to your admin.

Tips to Improve Your Pinterest Marketing Strategy

#3. Back up your blog Database

Backing up your database is an important part of keeping your blog secure. WordPress makes the backup process simple with both free and paid options. WP-DB-Backup, a free option, is one of the most downloaded WordPress backup plugins and is a simple solution for beginners. To install WP-DB-Backup, go into Plugins and choose Add New. Type “WP-DB-Backup” in the search box. Click Install Now and then click OK. Simply – Convenient – Safe!

Review Octopus - Multipurpose Business WordPress Theme

Live Demo Download

#4. Install secure plugins

There are several security plugins that can help protect your site and prevent any hacking attempts. Two of the best options are Wordfence Security and Better WP Security. They both do quite a few things to make your site safer including forcing you to use stronger passwords, making you delete the admin username and they also do block bot traffic and help you do regular security scans.

10 common wordpress mistakes you can't ignore

#5. Disable file editing via the dashboard

In a default WordPress installation, you can navigate to Appearance > Editor and edit any of your theme files right in the dashboard. The trouble is, if a hacker managed to gain access to your admin panel, they could also edit your files that way, and execute whatever code they wanted to. So it’s a good idea to disable this method of file editing, by adding the following to your wp-config.php file:

define( ‘DISALLOW_FILE_EDIT’, true );

How to increase SEO for your website with Google+

#6. WordPress keys in wp-config.php

WordPress keys is another important security measure. These keys work as salts for WordPress cookies thus, ensuring better encryption of user data. If your WordPress site gets hacked its very important to change the keys and wp-admin password immediately because a hacker can still login to your WP admin even after your admin password changes. In most cases when a WP gets hacked the hacker can still gain access to your WordPress admin area via the use of cookies (your old keys/salt). You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again. Use the WordPress Key Generator to generate these keys. Now open up your wp-config.php, find the lines that look like below and simply replace with the generated ones:

define(‘AUTH_KEY’, ‘put your unique phrase here’);
define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
define(‘NONCE_KEY’, ‘put your unique phrase here’);

Save and you are done!

bigshop woocommerce responsive wordpress theme


Live Demo Download

#7. Ensure your computers is free of viruses and malware

If your computer is infected with virus or a malware software, a potential attacker can gain access yo your login details and make a valid login to your site bypassing all the measures you’ve taken before. This is why it is very important do have an up-to-date antivirus program and keep the overall security of all computers you use to access your WordPress site on a high level.

top 7 best pharmacy woocomerce wordpress themes 2015

Above is How to Secure Your WordPress Blog simply we would like to share with you. They are helpful and practical for you to secure your blog website. Hoping you can understand and follow all these tips. Remember to follow our social media such as Facebook, Twitter, Linkedin, Youtube, Pinterest, to get the newest information.

Thanks so much!

You Might Also Like


  • ReplyErik EmanuelliAug 31,2015 - 10:13 am

    Great information, Cherry!

    For non expert bloggers and coders, I suggest installing a WordPress plugin, to make things easier.
    From the ones you mentioned, I found “Wordfence Security” plugin a free solution to secure blogs and make them faster.
    Tested and happy with it!

    • ReplyHong CherryAug 31,2015 - 10:20 am

      Hi there,

      Thanks so much for your suggestion. This is a good idea.
      Hoping you have a secure wordpress website.

      Kind regard!

  • Leave a Reply