Sunday, 03 June 2012

How To Secure WordPress Blog [Business English 2]



    We often hear that a well-known blog or website in Indonesia has been hacked by irresponsible parties, the so-called "hackers". The security of your blog or website therefore deserves attention, for the sake of its database. Here is how to secure a WordPress blog against hackers:

1. Login encryption
    Each time you log in to the admin page, the password is sent unencrypted. If you are on a public network, hackers can easily 'sniff out' the login data using a network sniffer. The best way to encrypt the login is the Chap Secure Login plugin. This plugin adds a random hash to the password and authenticates the login with the TCP protocol.

2. Stop brute force attack
    Hackers can easily crack your login password and credentials with a brute-force attack. To prevent that, you can install the Login LockDown plugin. This plugin records the IP address and timestamp of every failed attempt to log in to your WordPress site. After several failed attempts are detected, it automatically disables the login function for all requests from the IP in question.
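
The lockout behaviour described in item 2, sketched as an added example (this is not the Login LockDown plugin's code): it records the IP and timestamp of each failed login and refuses further attempts from that IP after repeated failures. The class name, the thresholds and the sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque

# Assumed values: the post only says "several failed attempts".
MAX_FAILURES = 3        # failures that trigger a lockout
WINDOW_SECONDS = 300    # failures must fall within this window
LOCKOUT_SECONDS = 3600  # how long the IP stays blocked

class LoginLockdown:
    """Records failed logins per IP and blocks an IP after repeated failures."""
    def __init__(self):
        self.failures = defaultdict(deque)  # ip -> timestamps of recent failures
        self.locked_until = {}              # ip -> time the lockout expires

    def is_locked(self, ip, now):
        expiry = self.locked_until.get(ip)
        if expiry is not None and now >= expiry:
            del self.locked_until[ip]       # lockout has run out
            return False
        return expiry is not None

    def record_attempt(self, ip, success, now):
        """Return 'blocked', 'ok' or 'failed' for one login attempt."""
        if self.is_locked(ip, now):
            return "blocked"                # refused even if the password is right
        if success:
            self.failures.pop(ip, None)     # a good login clears the history
            return "ok"
        recent = self.failures[ip]
        recent.append(now)
        while now - recent[0] > WINDOW_SECONDS:
            recent.popleft()                # forget failures outside the window
        if len(recent) >= MAX_FAILURES:
            self.locked_until[ip] = now + LOCKOUT_SECONDS
            recent.clear()
        return "failed"

def replay(events):
    guard = LoginLockdown()
    return [guard.record_attempt(ip, ok, ts) for ts, ip, ok in events]

# Constructed sample events (documentation IP ranges), not real log data.
SAMPLE_EVENTS = [
    (1000, "203.0.113.7", False),
    (1010, "203.0.113.7", False),
    (1015, "198.51.100.4", True),
    (1020, "203.0.113.7", False),  # third failure inside the window: lockout
    (1030, "203.0.113.7", True),   # correct password, but the IP is blocked
    (4700, "203.0.113.7", True),   # lockout expired, login works again
]
```

Per-IP counting does not slow guessing that is spread across many addresses, so it complements the strong passwords of item 3 rather than replacing them.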

3. Use strong passwords
    Be sure to use a strong password that is difficult for others to guess. Combine numbers, special characters, and uppercase and lowercase letters.

4. Protect your wp-admin folder
    The wp-admin folder contains all the important information and is a location that nobody else should be able to access. Use AskApache Password Protect to protect the directory with a password and grant access to authorized admins only.

5. Remove WordPress version information
    Almost all WordPress themes include the WordPress version information in a meta tag. A hacker can easily get hold of this information and plan an attack accordingly.
Since WordPress 2.6, the WordPress version is automatically inserted by wp_head; to handle this, install the WP-Security Scan plugin.

6. Hide your plugin folder
    Try opening your blog URL like this: http://domainkamu.com/wp-content/plugins. If it still shows a list of the plugins you use, upload a blank index.html file to the plugin directory.
Create it with Notepad: right click >> New >> Text Document, then save it as index.html.

7. Username and email address
    Do not use the default username "admin" as your login, and do not use an email address that other users already know. Make the username difficult to guess and different from the author name you use.

8. Always update
    Update WordPress and all plugins regularly whenever an update notice appears. WordPress installations and plugins that are not updated are very vulnerable to hackers.

9. Regular database backups
    No matter how safe your blog is, prepare for the worst. Install the wp-database-backup plugin and schedule it to back up the database every day.

10. Define user access rights
    If the blog has more than one admin, you can install the Role Manager plugin to define the capabilities of each user group.
