Install these three simple plugins to WordPress to minimize the risk of hacking and intrusion. It’s never fun for someone to get access to your WordPress blog, but unfortunately it happens every day. Every day websites are deleted, defaced or simply taken over and you can avoid that by installing the login lockdown plugin, the HTTPS for WordPress plugin and the Wordfence Security plugin.
First of all, a very simple plugin called login lockdown simply blocks access to your blog if someone enters the wrong password too many times. A very common technique for hackers to get entry to WordPress blog is simply try many passwords over and over and over and over until something works. So login lockdown will block access to someone after a certain number of failed passwords. It’s a very simple plugin and it’s worth it to install this to make sure that any intruder is now locked out.
Another plugin to install is called HTTPS for WordPress. If you don’t know what HTTPS or SSL is it simply means that it is encrypting everything that gets sent to and from your WordPress site, including the username and password you use to login. Normally your username and password is broadcasted out in the open. That means if you use any kind of public WiFi anyone else on that WiFi can install a simple plugin and capture every password you type into WordPress. That is really not good. You can either not use unsecured WiFi or you can use this HTTPS plugin which will force you to use HTTPS when logging into your WordPress dashboard, therefore protecting your password from prying eyes.
NOTE: As of 2018 all sites need to have an HTTPS in the beginning of their URL. Google is now penalizing websites that do not have a secure SSL Certificate installed on their site. Contact your hosting company today, as some hosting companies are now giving free SSL Certificates for basic websites. If you are running an ecommerce website you will need a different sort of SSL Certificate installed on your hosting server.
And finally, the Wordfence Security plugin installs right into WordPress and scans all your folders for many security vulnerabilities. It checks it for any weak points, any holes, out of date plugins and gives you a very easy to follow list of things that you must do in order to keep WordPress secure. You can set it up to email you when it finds an issue on your website so that you can stay on top of it.
Obviously, I can’t guarantee you will be 100 percent hack proof, but you need to at least take these basic steps to keep yourself safe.
Those three plugins will get you on your way to having a secure WordPress blog. Install Login Lockdown to lock out anyone after a certain number of failed attempts, install HTTPS for WordPress to make sure that any time you login to your dashboard it moves you over into SSL, and Wordfence Security scan your folders.
Have peace of mind and backup your WordPress blog on a regular basis. ALWAYS do a backup before updating any plugins or themes.