Secure and save your WordPress website from hackersIt is no coincidence that WordPress has become the 800-pound gorilla in the area of web publishing. In March 2012, 72.4 million sites running on the CMS, which corresponds to 25% of all the websites that is on the internet. With such a striking figure in mind, it should come as no surprise that hackers use vulnerabilities in WordPress are gathered.
Last April, a large army of botnets have been created to infiltrate WordPress sites with the "admin" user name of brute-force attacks. 30-40000 day attacks occur because the owners so that their web sites are easy prey to these malicious people.
It is time to ensure that you are not one of them. Let some simple ways to make your WordPress site that protects you sleep a little easier at night look like us.
As with all major changes installation of WordPress, I recommend you keep your files and databases before you save the changes listed below.
1) Update the user name of the administrator: If the above example botnet has not put the fear of God in you should really have it. Brute Force (programs nail web hundreds of times per minute a website that connects users and passwords common name) and more frequently. The use of "admin" or other common user name as "admin", "test" and "root" has a big target on his back fully.
When you first install WordPress, you will be asked the name of the default user. Change this something unique to you. I would not recommend his name, but maybe something you can easily remember ("sammy543" such as name/birthday combo).
If you have already installed version of WordPress, you can go and MySQL username day. Set in the wp_users table all records while the user's installation. Update user_login only for administrator account, and you are golden.
2) Create strong passwords: Do you have a unique user name is critical, but do not forget the other part of the pie. Brute-force programs explode passwords regularly as "admin", "password", "123456", "111111" and "qwerty". Do not make it easier for hackers to use one of these words juicy password. Select to really suspend your account has something letters (uppercase and lowercase), numbers, special characters and more than eight characters. You say you can not remember all the words crazy, and even less that one belongs to which account? Consider a free program like keypass to all your user names and passwords to store that allow you to connect to a site with a quick copy and paste. It can even generate random passwords of 20 numbers for you. Remember passwords for your email, banking and WordPress officially become a thing of the past.
3) Update the security internet key wp-config: Hidden in the database configuration file and the main WordPress wp-config salts are specific to your site. This is a random sequence of letters, digits, and special characters that you probably never on unless you run pass. Ask a new series is made easy with this handy tool Wordpress is available.
4) Limit Login Attempts: This free WordPress plugin is very convenient. Three months ago, I changed the log in lock down plugin on one of my sites with it. At that time, 3,968 users (or more bots) were blocked. Not one of these links I was wrong.
Basically this plugin blocks a user for 20 minutes if you tried unsuccessfully to gain access to more than four times. If it four times, it will increase the time and locked 24 hours. You can loosen the variables of time and opportunity, or drag the security internet of your connection. It also has useful features such as the registration of e-mail addresses and intellectual property of the author, when a lockout. It can be confusing when emails start at any minute for a period of one hour search, but you should be comforted to know that the hat is on high alert website to earn their livelihood.
5) Make sure WordPress: This is another free WordPress plugin that I can not do without it. Basically just a lot often patched holes in the base installation of WordPress. You will do things like delete the version number of WordPress for your network, or block malicious URL requests. The plug-in allows you to change the options and down to adjust the settings of your security internet software needs.
6) Always have a backup time: If a hacker violates the side and began to wreak havoc, was able to recover? If you have a backup file of the current database and the hand, you can clean to clean the site and repeat if necessary.
One possibility is simply the files on the local computer, but I would recommend talking to your web hosting provider on the backup options. Usually they are pretty cheap, and they can plan to go every night, once a week or whatever interval makes sense for your needs. Never assume that your host is back, no matter how you motivate your monthly hosting account. I discovered the hard way.
Also, make sure you back up your database. There are many good options. I have e-mails WordPress backup database that I zip the data files on a daily basis, so when I get my data independently.
There are other methods to build a wall around your WordPress website, but these six quick shots will bring you to the front of 99% of the sites. I know that most readers will say that you can not get to me, but I assure you it is. You can an hour to set up properly, or you can connect with your inner sadist take days or weeks to repair the damage, not to mention causing the potential financial impact of an experienced hacker. It's your choice.