Secure Your Wordpress Site from Unauthorized Access

Recently there have been huge rise in botnet attacks on thousands of Wordpress website. It was huge. The aim of such big attack might have been to build a stronger botnet, said Matthew Prince, chief executive and co-founder of Cloudflare.

Currently approximately 17% (according to survey website W3Techs) of websites are powered by Wordpress and it has impressively increased its fan popularity across the globe through its feature rich and secure services. Today Wordpress powered websites are read by around 371 million people each month all around the world.

It’s high time and absolutely must to step up security for Wordpress websites to avoid such massive intrusion. The good thing is that there is a massive Wordpress developer community giving their best support to their users. Wordpress has also made some strong updates in security with an ‘optional two-step authentication log-in option’ but just after a week of these changes made, a large group of computers have been attack through Wordpress websites to seize the servers that run Wordpress sites.

So what’s the solution for Wordpress to be secure enough from this botnet attack? Recently the attack was from the unknown group of hackers with more than 90,000 IP addresses and it’s predicted to be even huger in upcoming days. So here is the list of few tips which are very important to raise shields against the possible breach:

How to protect Wordpress site from eyes of hackers and possible botnet attacks:

Switch to upgraded version:

Wordpress has always tried to rectify the security issues with the upgraded versions. The latest version of Wordpress is 3.5.1 which has fixed the some important security issues. So if you are still stuck with the older version, it is an advice to switch from older to new version 3.5.1. The sites that are running with old version are easy for hackers in getting hacked because the older versions have lapses in security settings.

Make strong password with combination of characters, numbers and special symbols:

According to CloudFlare's Prince, the attack aimed to hack the Wordpress sites employing the username "admin" and 1,000 or some common unsecured passwords. So here is what I would suggest you is, if you are still using ‘admin’ as a username and ‘admin123’ as a password, change it and make strong username and password - a combination of numbers, symbols and characters. For hackers it doesn’t seem so hard to find the password of the Wordpress sites
uses the ‘admin’ as username.

Read more about how to have a strong password for Wordpress site.

Make use of Stealth Login Page plugin:

The Stealth Login Page provides the shifty layer to protect your WP Admin and WP Login page. This plugin will make a secret and customized login URL for your login page to protect from hackers eye.

Make use of Wordpress inbuilt Two Factor authentication:

Make use of wordpress one step ahead protecting layer Two-Step Authentication which provides greater security to your Wordpress account. With the use of this protection layer, you are making sure that only human can be logged into your wordpress site.

Limits the failed login attempts:

With the use of Limit Login Attempts plug-in, you can lock the particular IP for the set time who are trying to access your Login page more than the set limit attempts. The less you set failed attempts the better you can protect your Wordpress site.

Use bulletproof security plugin:

The Bulletproof Security plug-in will create an additional shield layer to your wordpress site against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. Make use of this great plugin and keep your WP site more secure.

Alternatively you can also put your choice on Better WP Security and Wordfence Security plugins to better protect your WP site.

Read more about Wordpress security plugins you can use too.

And finally, keep regular back up of your WP Site:

We can’t predict that what will happen in future so the good advice is, keep regular back of your WP site. Getting hacked is not a single issue but there are also many reasons out there which can be causes for the collapse of your WP site. Having back means you can revert to the last data you have saved.

Use Wordpress Backup to Dropbox to keep regular back up of your plugins, blogs, database and other important data of your Wordpress site.

Sooner or later something will go wrong that we have never expected so it is better for you to keep regular watch and protect your site from unauthorized activities with use of Wordpress power pack security plug-ins.

About Author:

Above article is written by Sem Jacobs, working as Internet Marketing Manager at KGN Technologies.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License