• Blogging
  • Freebies
  • Freeware
  • How-To
  • Make Money Online
  • Mobile
  • Home >> Security >> 5 Security Tips to Protect WordPress Blog

    5 Security Tips to Protect WordPress Blog

    Protect your wordpress blog

    Protect your wordpress blog

    This website is running on WordPress Platform from December 2007. But, i never thought of protecting my website. Luckily it was never hacked by anyone till date. Today, i came across a post mentioning Security tips to protect wordpress blog.

    I followed some of the security tips.

    5 Security Tips to protect WordPress Blog


    • Remove WordPress Version tag:
      By default lot of wordpress themes will have a Meta tag as below in Header.php:

      <meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />

      The attacker can clearly find out what version of wordpress you are using. To avoid exposing of wordpress version, it is good to remove the above tag. You just open header.php file and look for the above code, delete the line and save it.

    • Hide plugin directory:

      Do you know this. WordPress plugin directory is completely visible. Check it http://www.yoursitename.com/wp-content/plugins. If you can see your plugins directory contents, then anybody can see it, which is a security threat.

      The solution is simple. Just create a blank index.html file and upload it to your /wp-contents/plugins/. Now try accessing the above link. You will only see a blank screen.

    • Lock down /wp-admin/ directory:
      Matt Cutts from Google on his post three tips to protect your WordPress installation, the first thing you need to do is protect your /wp-admin/ directory using .htaccess. Just follow the steps he mentioned in his post.
    • Upgrade to the latest version of WordPress:

      Always upgrade to the latest version as soon as it is released and ready to be downloaded. Every upgrade probably comes with fixes to any security issues and that will make your blog less prone to be exploited or compromised.

      I use WordPress Automatic Upgrade allows you to automatically upgrade the WordPress installation to the latest version right from your dashboard. This plugin makes your life easy.

      Always upgrade the plugins whenever there is an upgrade. The upgrades might have fixes to security holes.

    • WordPress Database backup:

      I have scheduled to get backup of WordPress Database every day and guess what it saved me two times since i am using it from last December 2007. I screwed my wordpress database during last upgrade process and this everyday backup came in handy. The plugin I use is WordPress Database Backup. If you don’t have it, you probably should do it now!

    One Last Tip:

    Download and install the WP Vulnerability Scanner plugin. When done, simply activate it and launch WP-Scanner and then de-activate it once you’re done with the test.

    All the above methods are good and should be implemented which will make it that much harder for any hacker to know which vulnerabilities to exploit.

    What have you done to protect your blog? Do I miss anything here? I would love to hear your opinions on this.

    You must also check this post : Best (must have) WordPress Plugins

    IMPORTANT: This blog welcomes Guest Bloggers, Writers to also contribute by writing Guest Posts and also Make Money!. Check out our Revenue Sharing Program
    1924 readers are already subscribed to this blog! Why don't you be one of them? Subscribe to this blog via your favorite RSS feed reader or by entering your email address on the form below:


    1. This post will certainly help a lot of WordPress users out there and serve as a reminder that it’s time to protect their site from any unwanted ‘incident’.

      Thank you for thinking of me when you wrote this useful article.


    2. Nihar says:

      @Yan yes your post really helped me. same way this post will help others too

    3. Well, blogging is all about a community of sharing and learning.


    4. sailor says:

      Unfortunately I have had my WP database files hacked. One thing I would add to your list is to change the prefix of your tables from the default wp_ to something else.

    5. Nihar says:

      @sailor, Thanks. it is a really nice tip i will add it to the post.

    6. @sailor: awesome advice, why haven’t I thought of it?

    7. Bobby Revell says:

      Thanks for the hide plug ins directory tip, I hadn’t thought about that before πŸ™‚

    8. Nihar says:

      @Bobby, i am happy that this post helped you…

    9. JDans says:

      Thanks for sharing. It is good to be proactive against website hacking before you become the victim. I am going to make sure all of my WP blogs are well protected.

    10. Nihar says:

      @JDans, Thanks for the complement πŸ™‚

    11. Kayak` says:

      Hello, Thanks for sharing the information. Great

    12. Nihar says:

      @Kayak, you are welcome. hope this post helped you.

    Leave a Reply

    page counter
    NiharsWorld on Twitter NiharsWorld on Facebook NiharsWorld RSS Feed