CIP Cyber

WordPress Security Tips

Table of Contents

Security is very important for every website either it is wordpress or not, webmaster always care about the security of their website and none these want to compromise of the security of the website.
Beside everything we say that security is a hot topic and need more and more discussion.
In this article we will talk about the security issues on wordpress plate form, WordPress is the open source blog publishing application that works on the based of PHP and SQL.  

WordPress is very common among the webmaster and the person who are using wordpress for blogging need to know and should care about the security of their blog.
You need to care about:
  • Passwords
  • DataBase Security
  • Admin Protection
  • Check your application for XSS.
Below are the some tips that would really help you to secure your wordpress application from different attacker.
Protect WP-Config File 
If you have ever work on wordpress than you must know the importants of WP-Config file and you should care about it. wp-config.php contain all the information of required security to access the database, if an attacker will exploit it than the attacker can easily get the user-name and passwords etc.

First of all create a backup than access .htaccess file is located at the root your WordPress installation open it and paste the following code.
<files wp-config.php>
order allow,deny
deny from all
</files>


Remove Your WordPress Version Number

I think that you have an idea that wordpress automatically show the version of the software by can an attacker my find the available vulnerability for this version, it is not a good practice to show the version of the software running on the server.
This tag is in the header.php file that displays your current version of wordpress
<meta content=”WordPress &lt;?php bloginfo(‘version’); ? /&gt;” name=”generator” />

Copy and paste the code in the functions.php file of your theme and than you are done.
remove_action('wp_head', 'wp_generator');
 
 
Use SSL (Secure Sockets Layer)

Cryptography is an art of secrete communication, you need to protect your data on wordpress plate form, administration data must be on SSL to protect it from local and remote attack. If you have hosted on Wp WebHost or HostGator, then SSL is enabled. Other wise you can force wordpress to enable SSL to protect your URL.
Open your wp-config.php file and paste the code below:
define('FORCE_SSL_ADMIN', true);


Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

What Proxies Are For

When you cannot access certain sites or hide your identity, you need a tool for that. For example, the USA proxies are in demand among

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings