1. Home
  2. Plugins
  3. WordPress Security Tips
  1. Home
  2. Security
  3. WordPress Security Tips
Searching...

WordPress Security Tips

No website is 100% safe online, so here are a few tips and plugin suggestions on how to help protect your site more.

The Basics

  • Update WordPress & WordPress Plugins – You want to make sure WordPress and all your plugins are up to date. WordPress releases updates often to improve security.
  • Strong Passwords – Make sure you have a strong password that can not easily be guessed for WordPress and your FTP login.
  • Limit FREE WordPress Themes & Plugins – There are free WordPress themes online that have malicious code in them that can cause problems on your server. Also, poorly written plugins can have vulnerabilities and be hacked. So, limit the number of plugins and themes you have on your server.

Tips & Tools

  1. Rename your login page – For almost any WordPress site, you can go to someone’s domain name and type wp-login.php, and you will get access to their login form, and people will attempt to log in to your site. With the Rename wp-login.php plugin, you can change your login page address to something else that only you know so people can’t find your login page. Example: www.your-domain.com/enter
  2. Limit login attempts – In the case of a hacker or a bot attempting a brute-force attack to crack your password, it can be useful to limit the number of failed login attempts from a single IP address. Limit Login Attempts does just that, allowing you to specify how many retries will be allowed and how long an IP will be locked out after too many failed login attempts. There are ways around this, as some attackers will use a large number of different IP addresses, but it’s still worth doing as an additional precaution.
  3. Install a Security Plugin – Security plugins can add extra security to your WordPress site. Only install one of these plugins.
    • Acunetix Secure WordPress ( I use this one ) – The Acunetix Secure WordPress plugin is a free and comprehensive security tool that helps you secure your WordPress installation and suggests corrective measures for securing file permissions, security of the database, version hiding, WordPress admin protection and lots more.
    • Wordfence Security – The Wordfence WordPress security plugin provides free enterprise-class WordPress security, protecting your website from hacks and malware.
    • BulletProof Security – WordPress Website Security Protection: Firewall Security, Login Security, Database Security… Effective, Reliable, and Easy to use.
  4. Back-Up Your Website – You should back up your site monthly or even weekly, depending on how often you update. Backing up your site can save you hours of your time in case something happens to your site. I don’t have a suggested plugin for this but check out these articles to see a plugin that may work for you.

Advanced Tips

More Security Articles

  1. 11 Quick Tips: Securing Your WordPress Site
  2. Essential WordPress Security Tips – Is Your Blog Protected?
  3. WordPress Security: Tried and True Tips to Secure WordPress

Tutorial: How to install a WordPress plugin.

Updated on March 11, 2025
Tagged:

Was this article helpful?

Yes No

Related Articles


Need Help?

1. Try searching for answers. Try searching different terms if you can't find a answer. 2. Try troubleshooting if something is not working.

3. If you can't find answers, click to leave a comment. Provide website links and detailed information.