This is a cruel world. Some people are shameless and proficient in technology. They want to hack into your WordPress website and confuse your files and data. Fortunately, you can take steps to avoid this. We regularly hear that hackers have accessed the personal data of well-known companies or websites. The latest example familiar to anyone with an Internet connection to a web browser is the recent Ashley Madison data leak. Ashley Madison is a website dedicated to Philadelphia, so this episode is particularly problematic. The information obtained by hackers was later made public on the Internet, which caught many people off guard and filled the pockets of divorce professional lawyers all over the world. The
If it can happen on Ashley Madison, it can also happen on your site. According to WP white security, almost three-quarters of word press installations are vulnerable to hacker attacks. Therefore, the WordPress website has become the main target of hackers who want to score quickly. Fortunately, your site doesn’t have to be a victim. Here are 11 ways to protect WordPress blogs from hackers: 1. if you want to keep your plug-ins up-to-date, it may seem strange that the WordPress website must be up-to-date. But there are precedents. The
WP white security shows that plug-ins account for more than half of all security vulnerabilities in word press installation. Recent reports support this statistic. WordPress was created in March when researchers found several different vulnerabilities in the WordPress plug-in. The news returns the source code to prevent the plug-in developer from using the software maliciously. In some cases, developers must patch code and release updates. This is where you came in. Updates published by developers are not automatically applied to the site. Word press often warns when updates are available on one or more plug-ins. The display is usually separated by color, as shown below: The
If you see it, please update the plug-in immediately. The latest patch can modify security violations discovered by the author (or others). 2. do not use the \
Many host providers are aware of the possibility of this attack and therefore avoid creating an administrator account called \
To realize this important security function, whatismyip is the first. Navigate to com and locate the IP address. Then, to implement the security changes, in the admin directory of the host vendor. The htaccess file must be modified. If you don’t know the method, you can call the technical support line of the hosting company and ask the technician.
. In particular, you may want to add the following items to the file: Male
Reject order, allow
reject all
Xxx Xxx Xxx XXX allowed
Male \
But remember, Internet service providers (ISPs) sometimes change your IP address. In this case, you cannot access your own site. The solution is to call technical support and ask the technician to update the IP address as needed. Please perform under your own responsibility! 4. powerful password the pet’s name is easy to remember, so you may want to use it as a password. However, it is recommended to use a safer one. It is best to use a password with more than 12 characters. These characters must consist of a series of upper and lower case numbers, symbols, and characters. The password must not be found in the dictionary. To the naked eye, it should look like nonsense. So the hacker can’t guess. The
Use a powerful password generator to make life easier. Or, if the WordPress installation is updated to 4.3 in a better way, a powerful password will be generated! 5. restrict login attempts can restrict login attempts to further protect the site from the threat of undifferentiated college entrance examination. In this way, if someone repeatedly enters the wrong password, the user will not be able to access the site for a period of time. The limit login attempts plug-in can be used to implement this function. You can specify the maximum number of invalid passwords allowed before locking the IP address of the user who entered the invalid password. You can also set it to send e-mail when login fails. The
6. encrypt important data with a security key WordPress security key exists to encrypt the information stored in the visitor cookie. However, by default, these keys may not be populated in the installation. To verify that the key is populated, use WP config in your own installation. View the PHP file. Located in the root file of the web site. If you have problems with your discovery, please contact the technical support of your host provider. If the configuration file contains a ruler such as the following image, the key is not filled: In this case, the corresponding height must be filled in personally. You can generate keys using the WordPress salt key generator. You can then copy and paste the code that appears on the screen on the code block shown above. The new block must be the same as the image below. The
After saving the file, security is now added. 7. There are also vulnerabilities in the WordPress plug-in for updating and maintaining the best WordPress. However, the word press core file may also contain vulnerabilities. WordPress installation notifies you when major updates are available. If the security threat is resolved, it is best to update the file. WordPress often automatically performs small security updates and informs you of the facts via email. 8. it is useful to visually display disable error reporting error reporting. Unfortunately, this is also useful for hackers because it shows the server path. The
WP config Access the PHP file and add the following line to disable error reporting: Error_reporting (0);
@Ini_set (\
Traditional name \/ password confirmation. The second step is usually to enter the security code transmitted through SMS or other security devices. There are many plug-ins that can help you implement secondary authentication for WordPress. Here are some of them. Google authenticator: the user must enter the key or QR code sent to the smart phone. Clef: use mobile devices to achieve \
