Summary of this Video Tutorial:
Is it easy to secure WordPress website? In 13 minutes, I’ll walk you through some of the basic ways you can secure your WordPress website against hackers. These tips include:
- Choosing a Quality Web Hosting Company
- Enabling Automatic Updates
- Changing the “Admin” User
- Changing the default Table Prefix
- Using Salt secret codes
- Disabling File Editing in the WordPress Dashboard
- Securing wp-config.php with htaccess
- Setting good file permissions
If you’ve got these security measures in place, you are building on a great platform.
Recommended & Affiliate Links:
Please support us making more high quality videos by hosting or moving your website to our featured partners:
Step By Step Tutorial To Secure Your WordPress Website
Choosing a Quality Web Hosting Company
After using countless cheap web hosts from $2.99-$8.99 per month I’ve come to appreciate Optimized and Dedicated WordPress Hosting. Choosing a good, high quality web host will make your life so much easier. Some features great web hosts who specialize in WordPress have that others don’t are: Security built into their automatic installations of WordPress, Firewalled accounts, Automatic Updates to WordPress (Core Files, Themes, and Plugins), Continually upgrading their security measures as the internet evolves.
If you’re just starting your business out, choose Nodeki Hosting. You won’t be disappionted. When you’re ready to invest in the best WordPress hosting money can buy, open up a WP Engine Hosting Account.
Enabling Automatic Updates
When you install WordPress through cPanel (or if WordPress is installed automatically like at WP Engine) you can enable optional automatic updates. Updating WordPress’ core files is the first and easiest security measure. There is no reason not to update to the latest version of WordPress. There are excuses, but none of them are good.
In case you need more help Installing WordPress, I have a couple of videos on the topic here.
Changing the “Admin” User & Changing the default Table Prefix
Default settings are the first place hackers attack. Changing the default “admin” user doesn’t improve your security a lot, but it will deter many robots and automated hacking attempts.
Using Salt secret codes
Salt codes help to verify authentic users over hackers who are not supposed to have access to your files. Because this is just cut and paste, there’s no reason not to add this code to your configuration files.
Disabling File Editing in the WordPress Dashboard
Editing “live” code with the File Editor in WordPress’ Dashboard is about the worst thing a person can do. There are too many ways to accidentally put something in or delete something and break your whole website. The File Editor is also the easiest way for hackers to gain access to change your files and insert malicious code. Disabling it is just common sense.
Securing wp-config.php with htaccess
htaccess is a programming language in itself which controls and sets some settings on your server. It’s a powerful language that can enable advanced functions like speeding up your website by zipping files, enabling web browsers caching images and assets on their computers, managing file access, enabling or disabling search engines, and a whole lot more. This really is your first line of defense on your web host, and it can be a powerful ally if used properly.
Setting good file permissions
All your security is for nothing is someone can just open up files on your server and edit them because they aren’t protected by the right file permissions. Bad permissions is like that old Lifelock commercial where the guy displays his real Social Security Number all over the place. Bad file permissions just invite people to take advantage of you and steal your web identity.
The Bottom Line In Securing Your WordPress Site
These step by step instructions can help you secure your website from hackers. Most of these fixes are simple and take just a few minutes. So there is no reason you shouldn’t use these simple and effective security measures.
But security is a huge topic and we will be taking a look at other security measures you can take to keep your WordPress websites safe and secure.