Melbourne: While it’s right that WordPress core developers strive hard to keep the WordPress platform secure, if you possess or operate a WordPress website then you also have liability to keep your site from being compromised.
Here are some of the ways to set your WordPress security:
1. WordPress Best Practices
Some of the most significant things for hardening WordPress include:
Once you apply these, you can then set up a plugin which will scrutinize your WordPress core files and traffic.
2. WordPress Security Plugins
Wordfence is a great plugin that will block any IP address that attempts to flood or spam your website. It will limit the number of login attempts and check all live traffic. It’s being updated and maintained often, so you can count on it being on top of all your security concerns.
Better WP Security is another great plugin that will let you to keep your WordPress website safe. It’s in fact a full package, but you must first read the FAQ section before activating it, as it makes some major changes to your database that you should be aware of.
BackWPUp is a free plugin that backs up both your WordPress files and database. There are, of course, a lot of other free and paid backup plugins and you are welcome to try them all until you find the one which suits you.
3. Free CDNs
There have been a lot of talks whether free content delivery networks really do any good or do they exist only to allure you into one of their paid services.
CloudFlare is a free content delivery network that filters all your traffic and reduces the risk of your WordPress website from becoming a target.
PageSpeed Service by Google does something similar and we can all believe that Google takes online security critically.
Read a complete list of pros and cons of Google PageSpeed and CloudFlare CDN.
4. Configure .htaccess
.htaccess stands for Hypertext Access. It’s a configuration file which controls the directory in which it is placed and all sub-directories. Here we are going to talk about configuring .htaccess for Apache web servers and Linux.
Editing .htaccess file is a serious business and you must not play with it unless you have at least basic coding knowledge. If you don’t feel comfortable editing .htaccess, you can download and install a plugin from WordPress.org repository called WP htaccess Control. It gives an easy interface for editing the file, and also for configuring WordPress permalinks, categories, archives, pagination and custom taxonomies.
You can easily become surprised by the number of options this plugin offers, so just go to “htaccess Suggestions” tab once you get to the plugin configuration page. You can then verify all the options and your .htaccess will become configured for protection.