Knowledge Base: Tutorials

Knowledge Base

Q: Security tips for Wordpress users

Wordpress is very popular open source bloging and CMS platform, but unfortunately being popular means a lot of security problems.

The most important security tip is not use a nulled theme or plugin, nulled software means you download a paid software for free, this software (themes or plugins) are always come with a malware attached to it.

Animated tutorials will help you secure your copy of wordpress

1. The most effective way to secure Wordpress is to keep it up to date, it will not take more than 30 seconds from you to get latest Wordpress installed: 

How to update your Wordpress installation tutorial

2. There is a nice Wordpress plug-in to remind you when Wordpress release a new version:

Install Update Notifier Plug-in

3. And remember to upgrade any installed Wordpress plug-in too:

How to upgrade your installed Wordpress plug-ins

4. Hackers usually look for security holes on a specific versions of Wordpress, they use Wordpress Generator Tag to find their targets, it will be very helpful to disable this tag in your Wordpress installation

How to remove Wordpress Generator Tag

Your Wordpress get hacked? 

5. Reinstall Wordpress, you can do that from your Wordpress dashboard > Updates and click the "Re-sinstall Now" button, this will force reinstall wordpress core files without removing your posts and settings.

6. Find hacked files and back doors:
Wordfence is a powerful Wordpress plugin that will help you to find any modified core file or any suspicious files in wordpress installation, you can install it direct from your Wordpress Dashboard, Plugins menu.

7. Reset your Wordpress admin password:

How to reset Wordpress Password using cPanel/PHPMyAdmin

8. Its highly recommended to remove the default "admin" user and create your own administrator user:

How to delete the default Wordpress admin and create your own

Also, check if there is any additional Wordpress user you did not create, some attackers leave a wordpress user to attack you later!

9. Be safe and reset the Wordpress DB logins:

How to use cPanel to change Wordpress DB logins

Last update on: 2017-04-06 06:04:03