WordPress – Lock down your site in two easy steps.

If you are one of the millions of people using WordPress on your website, here are two simple ways to make your installation more secure. One involves a plugin, the other is just common sense.

TIP: If you don’t know who is trying to get into your WordPress site, you’re in for a big surprise. Small or large, your site is most likely under attack from hackers 24/7.

Step 1: 

By default, every WordPress has a user account under the name of ‘admin’. Your job is to get rid of that account entirely. Here are the steps you need to go through in order to do that.

1. You can’t remove the admin account until you create another account with admin privileges. That’s rule number one.

2. When you create another user, use a unique username that cannot be guessed by someone trying to log in to your site. In other words, create a username that has nothing to do with your name, your site’s name or the name of anyone who writes for the site. If all the site’s posts are by Francis and Francis is also the username of the admin account, a hacker has 50% of the information needed to get into your site.

3. Once you create a new user with admin privileges, delete the old admin username.

TIP: If the old admin had posts written under ‘admin’, make sure you rename the author of those posts before you delete the account or the posts might be lost forever. You can do that from the All Posts menu by choosing all posts by admin then selecting Edit under Bulk Actions then switching author to another username.

Step 2: 

Download the WordFence plugin from Plugins, New. We’re not affiliated with  WordFence but we’re very glad that it’s around. The fact that it’s free, at least in it’s basic form, is good too.  Install WordFence, sign up for notices using an email that you check daily and you’re pretty much home free.

Photo of WordFence logo.
WordFence is free, simple to use and it will send notices to you every time someone logs in or is locked out.

Just so you know, we had some security concerns recently. Because of these concerns we went on a search for plugins that would help us lock down our site. WordFence came out on top. It’s free, too. There is a premium version but we find that the free one works fine for us.

Just after we installed WordFence, we received an email that someone had tried to log in to this site. How many times did they try? Twenty. After that WordFence blocked them. Since then, we’ve installed WordFence on every site we own. We’ve also limited the number of unsuccessful log in attempts to four, a reasonable number.

Protect your website now, before you lose it. It is possible for someone to gain control of your WordPress installation, locking you out in the process.

That’s it for today, thanks for reading! Comments and questions are welcome but  Likes on our Facebook page get immediate attention.  Here’s the link: Computers Made Simple on Facebook 


8 thoughts on “WordPress – Lock down your site in two easy steps.”

Leave a Reply

Your email address will not be published. Required fields are marked *