Ways To Enhance WordPress Security

Most websites have their security compromised by people who try to hack them for reasons best known to themselves. WordPress is easy to install, and its extended features for building a colourful, attractive website may keep you from thinking about its need for security. This is ironic, because the more attractive the website, the more users it draws, and the more threats it faces.

To avoid frustration and downtime, we have come up with ideas that may help you run your site with peace of mind:

1. Plugins – Plugins offer better support for security. Below are some examples:

  • iThemes Security plugin - This plugin detects repeated failed login attempts and locks them down. Once the attempts reach the limit set by the user, the owner is notified of the brute-force login attempt, and the IP address is locked out and banned from accessing the website. The user can also rename the login URL, because a well-known login URL makes hacking easier. Hiding the URL works best once login access has been restricted.

Consider changing your username from admin. The name is obvious and easily predicted, so many hackers only have to work out the password. iThemes Security prevents such attempts by banning the IP address.

  • Google 2-factor Authenticator plugin - Google also gives the website owner a way to strengthen the login. The owner can choose an additional login component, such as characters or a security code, to be entered after the password. This makes it hard for a hacker to guess the characters or the secret code, and improves the chances of escaping brute-force attacks.
  • WP Email Login plugin - Email IDs are harder to predict than usernames. The plugin requires no configuration and starts working as soon as it is activated, so consider it as an approach to securing your website.

Don’t assume that plugins alone are the solution, because there is more to it. Themes and plugins have to be kept up to date with their developers' releases so that you receive security patches. Hackers also rely on being able to see the WordPress version, so hiding it from the page source may save you a lot of trouble.

Avoid downloading plugins and themes from unknown sources, and if any of them become old or obsolete, it is always safer to delete them.

2. Change of passwords - A password that is changed often cannot easily be detected by a hacker. When setting your passwords, make them as strong as possible by combining characters and symbols with letters.

3. Use of an SSL certificate - Secure Sockets Layer encrypts data between the server and the browser. Without the private key that decrypts the data sent, a hacker is unable to alter any of it. The certificate also gets your website ranked higher by Google in terms of security, so your website gains a better security reputation. An SSL certificate can be ordered from your hosting provider.

4. Change the WordPress database table prefix - For instance, instead of wp, use wpnew or another term to make it unique. This helps keep the tables free from SQL attacks. The iThemes Security plugin or WP-DBM is handy for this, once the user has made sure the files are covered by a backup.

5. Protection of the wp-config.php file - This file is the root of your WordPress configuration, and making it invisible to users reduces the risk of compromise. Do this by moving it to a higher-level directory. Use SSH or SFTP to connect to the server; both ensure that file transfer to the server is secure. The move can be done manually or by your hosting provider.

6. Proper directory permissions - The permissions of individual files, subdirectories and directories, especially in a shared hosting environment, can be changed through the file manager or SSH so as to protect the whole system from brute-force hacking.

You should also disable file listing through your .htaccess file so that not everyone can view your files online by browsing. Alternatively, simply put an index.html file in the directory. It is also wise to disallow file editing, so that even with admin access a hacker cannot alter your files and plugins.
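Points 4 to 6 and the file-editing advice can be checked from an SSH session. The following shell function is an added example, not part of the original article; it assumes the default layout (wp-config.php in the WordPress root or one level above it, uploads under wp-content/uploads) and uses WordPress's DISALLOW_FILE_EDIT constant as the way file editing is disallowed.

```shell
#!/bin/sh
# Added example: audit a WordPress tree for points 4-6 of the article.
# Prints one "FINDING:" line per issue; returns 0 when clean, 1 otherwise.
wp_audit() {
    root=$1
    cfg="$root/wp-config.php"
    findings=0
    report() { printf 'FINDING: %s\n' "$1"; findings=$((findings + 1)); }

    # Point 5: the file may have been moved one level above the web root.
    [ -f "$cfg" ] || cfg="$root/../wp-config.php"
    if [ ! -f "$cfg" ]; then
        report "wp-config.php not found in $root or its parent"
        return 1
    fi

    # Point 4: default table prefix ($table_prefix = 'wp_';) still in use.
    if grep -Eq '^[[:space:]]*[$]table_prefix[[:space:]]*=[[:space:]]*.wp_.[[:space:]]*;' "$cfg"; then
        report "database table prefix is still the default wp_"
    fi

    # Point 6: on shared hosting, other accounts should not be able to read
    # the file that holds the database credentials.
    if [ -n "$(find "$cfg" -perm -004)" ]; then
        report "wp-config.php is readable by other users"
    fi

    # Point 6: directories that any local user can write to.
    if [ -n "$(find "$root" -type d -perm -002)" ]; then
        report "world-writable directories exist under $root"
    fi

    # File editing: look for an uncommented define('DISALLOW_FILE_EDIT', true).
    if ! grep -Eq '^[[:space:]]*define\([[:space:]]*.DISALLOW_FILE_EDIT.[[:space:]]*,[[:space:]]*[Tt][Rr][Uu][Ee]' "$cfg"; then
        report "DISALLOW_FILE_EDIT is not set to true"
    fi

    # Directory listing: the article's index.html approach.
    # Assumption: uploads live in the default wp-content/uploads directory.
    up="$root/wp-content/uploads"
    if [ -d "$up" ] && [ ! -f "$up/index.html" ] && [ ! -f "$up/index.php" ]; then
        report "wp-content/uploads has no index file and may be listed"
    fi

    [ "$findings" -eq 0 ]
}
```

Run it as `wp_audit /path/to/wordpress` after sourcing the file; the exit status makes it usable in a cron job or deployment check.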
