Wordpress Security - How To Secure Your Wordpress Installation

If you have a WordPress blog or website, WordPress security must be an issue for you. I'm sure you must have heard about hackers attacking blogs and websites of other people. The damage done by them can be enormous, especially when the particular blog was high page ranked, displaying high in search engines and profitable. It is not the only type of websites attacked by hackers. The reasoning behind their acts can't be explained as logical. They will destroy it for fun. I know stories of people who one day, instead of their website saw a short note informing them that their website has been blocked by Google due to the thread it carries to other internet users. It was a result of hacker attack, who made changes to the website.



Cloning your site is another level in fix wordpress malware virus that can be useful. Cloning simply means that you've backed up your website to a totally different place, (offline, as in a folder, in order to not have SEO issues ) where you can get it in a moment's notice if the need arises.

Strong passwords - Do your best to use a password, alpha-numeric. Easy to remember passwords are also easy to guess!

Move your wp-config.php file one directory up from the WordPress root. WordPress will search for it if it can't be found in the root directory. Additionally, nobody will be able to read the file unless they have FTP or SSH access.

Imagine if you go to why not try this out WP-Content/plugins, can you see that folder? If so, upload that blank Index.html file inside that folder as well so people can't see what plugins you have. Because if your version of WordPress is current, if you're using a plugin or an old plugin with a security hole, someone can use that to get access.

Of course you can set up plugins to make your store like share buttons or backup plugin. That's all. Your shop is up and running!