WordPress is undoubtedly one of the most popular publishing platforms. But unfortunately it is prone to attacks from hackers or web intruders who get in and cause havoc with your blog. Securing your WordPress weblog is the most important thing that you must do after you have set it up on your server. Today, I will share some tips, tricks and resources which will surely help you to secure and lock down your WordPress site and to fortify it from unwarranted attacks.
Checklist to Improve WordPress Security
1. Prevent directory listing
2. Update WordPress to the latest stable version.
3. Drop the WordPress version string in your Meta Tags.
4. Encrypt your login
5. Use a strong password
6. Change the default admin username
7. Take extra measures to secure your wp-admin folder
8. Encrypt your WordPress-related cookies
9. Change your WordPress database table prefix from default settings
10. Use correct file permissions on your WordPress files
11. Limit what search engine spiders can index
12. Use SFTP instead of FTP
13. Take regular backups of your site and Database
All these points are explained in great detail in the articles below. Check them out
- 12 Essential Security Tips and Hacks for WordPress
- Essential WordPress Security Tips
- 18 WordPress Security Plugins & Tips To Secure Your Blog
- 11 Best Ways to Improve WordPress Security
- WordPress Security Tips
- WordPress Security Tips and Hacks
- 11 Ways To Secure Your WordPress Blog
WordPress Security plugins
There are many WordPress Plugins which help you in securing your Blog. The below list of articles talk about these plugins in detail.
- 20 WordPress Security Plug-ins And Tips To keep Hackers Away
- Top 10 Security and Protection Plugins for WordPress
- 10 Security Plugins For WP
- 9 Best WordPress Security Plugins
- Top 21 WordPress Security Plugins for Hacker-Proof Blog

Nice tips man… I used to do one more thing on top of the above – renaming the admin index file. When somebody types in the default index file, it will go to the blog home in that case. Not sure if it’s a great tip LOL but I discontinued doing it post theme upgrade.
(Btw, the picture shows a rusty security latch
)
Thanks for the tips. Great work!
Your blog design looks really neat. Keep it up!
good technical, thanks for the tips..
Thanks for the info dude..
Very useful resource raju, more over point 13 is something which I feel is very important for any blog..
Yes Point 5 is too important!
Choosing a Strong Password!
Everything is so important dude. Once I have faced an attack from hackers. After then only, I took serious steps to make it so secure.
Wow, some great points you listed. My site was hacked through my FTP account then they made trouble on my blog.
BTW, I have added this post to my Monday roundup for next week. I’m sure some users need this important advice to ensure their blog/site is as safe as possible.
@Serradinho,
Thanks
Well you have covered all the points. Thanx for the tips.
Its a nice list, Combination of Lower/upper cases, digits, instead of i,o put 1,0 are good tricks to set a strong password.
Great post dude….
Thanks for sharing these linsk…
Well done Raju. Not only do you state ways of protecting our WordPress blog, you also provide links for a more detailed explanation. Also, I wasn’t aware of those plugins, and although my blog is already a little top heavy, I may have to seriously look at some of those.
merci pour ces info, et tous cela poura m’aider .