The most important points for WordPress security
Hacker have attacked a huge amount of WordPress websites one more time. There are about 14 millions affected this time multiple newspapers report. This is one of the reasons why security in connection with WordPress should be taken very serious. To be protected against such attacks, I recommend to do the following actions:
- Install a security plugin such as iThemes Security. It provides you various options to make your WordPress website more secure and to avoid brute force attacks.
- Make sure that there is no account with the username admin in the backend.
- All backend users should have strong passwords which means a mix of small and capital letters, numbers and special characters.
- Be aware which user belongs to which person and that this user is still active. If not, delete it.
- Keep WordPress, the theme and the plugins in use up to date all the time.
- Change the default backend URL /wp-login.php to something personal which can not be guessed by anybody.
If you need help to any of these points, do not hesitate to contact me.