7 tips to secure your WordPress site

Wordpress sécurité


WordPress is used by 24% of the sites in the world. Which represents millions of web pages! Faced with its success, this CMS is often the target of hackers. Fortunately, there are quick steps to keep your site as secure as possible in WordPress.

Safe Way ?

1. backup regularly the database

All sites have a database in which the contents are kept. It is essential to archive this data regularly, in case of problems on the site.

Ideally, we recommend that you make a weekly backup. Be sure to note the date of the day of archiving on the backup folder. In the event of an error, hacking or loss of the site, you will be able to reinstate everything quickly and easily.

To avoid having to do it manually, there are free plugins to easily back up your database.

 Promotion in WordPress Web Hosting  code : SAVE5

2. Install an antivirus plugin

As there are antivirus software to install on your computer, you can also add an antivirus plugin to ensure the security of your WordPress.

You will have the choice between iThemes Security, considered today as one of the best security extensions, All In One WP Security & Firewall, Wordfence Security or WP Antivirus Site Protection.


3. Delete the admin account

To log into your WordPress administration, the admin identifier is proposed by default. It is therefore used extensively by hackers to access your site. Avoid making it easier for them and create a personal identifier, impossible to guess, before deleting the admin account.


4. Change the login address

To reduce the risk of hacking, it is also recommended to change your connection address. By default, WordPress offers you my-site.com/wp-admin. Which once again makes the hackers’ job easier!

You can change this URL by modifying the .htaccess file or by using an extension like Custom Login URL. This second solution is perfect for people who know little or nothing about code.

5. Regularly check for updates

To protect your WordPress site or blog, you need to make regular updates. As soon as an update is available, follow our advice to update your WordPress site before installing it.

This instruction is valid for the CMS, but also for all plugins. New flaws are revealed regularly, which leads developers to often suggest fixes. An obsolete extension therefore presents a significant risk …

As for updates to your security plugin, they are more than essential! The latter take particular account of new viruses or hacking methods.

6. Hide the version of WordPress used

For each version of WordPress, there are flaws that hackers will be happy to exploit. To further complicate the mission of these intruders, consider hiding the version of WordPress you are using.

The change is made at two levels: in the function.php file, as well as in the readme.html file. The latter is located at the root of your WordPress and should be deleted!

7. Prevent browsing in folders

On a WordPress site, by default, the folders are accessible to everyone. It is therefore imperative to block their access to better protect them. To do this, you must modify the access conditions via your .htaccess or opt for a plugin like Hide My WordPress.