Secure Your WordPress Blog / CMS
Most of the WP webmasters / bloggers didn’t really aware of the website security issue, either they don’t aware of this or they don’t know how to handle this topic well. I read about the discussion thread from WordPress.org about file permission issue. You will surprise to find out that most of the hosting companies out there didn’t have proper server configuration and they didn’t bother to look into this issue.
A properly configured web server will not allow users to access the files of another user, regardless of file permissions. The web server is the responsibility of the hosting provider.
Choose A Good Hosting Company
It is quite scary especially you are building your online empire that will give you 5-figure income monthly. Using webhost provider that didn’t configure well, means to put your business at risk to lose it anytime.
In the past, I have heard many people said this is not really a big deal and people tend to choose some little, unknown hosting provider that offer US$1 monthly compare to the best provider. Their reason are obviously trying to safe money on the hosting fee. In fact, many times they regrets of using the cheap hosting company after disaster happened to them.
I personally will only recommence Hostgator who is the industry leader with 24/7 online support. I do encountered problem such as my websites being compromised, bad damage due to own mistake and a few others problem in the past but Hostgator support staff manage to help me to salvage my websites and overcame all issue within the very short period of time. Their fast response time always impress me and they do all these works for me without any cost, unless the other hosting company that I knew, always charge small fee of $15 – $60 for similar request.
Either you are new or experience webmasters, Hostgator definitely is the best choice for you.
Install WordPress Plugins
Besides choosing the good hosting company, it is good to secure your WordPress blog by installing WP Security Scan Plugin. This plugin will scans your WordPress installation for security vulnerabilities and suggests corrective actions for the following:
- Passwords
- File permissions
- Database security
- Version hiding
- WordPress admin protection/security
- Removes WP Generator META tag from core code
Another plugin you can consider is Secure Wordpress plugin. This little plugin helps to secure your WordPress by:
- Removes error-information on login-page
- Adds index.php plugin-directory (virtual)
- Removes the wp-version, except in admin-area
- Removes Really Simple Discovery
- Removes Windows Live Writer
- Remove core update information for non-admins
- Remove plugin-update information for non-admins
- Remove theme-update informationfor non-admins (only WP 2.8 and higher)
- Hide wp-version in backend-dashboard for non-admins
- Add string for use WP Scanner
- Block bad queries
Use Strong Password
You may choose to use a strong password with a combination of alphanumeric, upper/lower case, special characters.
Regular backup your WordPress database will helps you prepare for the worst case scenario. In case something went wrong after all these measure, you still have the database file to recover all publish contents.
Follow Us!