A Foolproof Guide To WordPress Security

Prevent Brute Force Attacks and enhance WordPress Security

Tips to secure WordPress Website

1. Modify the WordPress Database Table Prefix to secure login page

2. Rename login URL slug to secure login page

3. Set strong, long and complex passwords to secure login page

  • Change your wordpress wp-login URL slug to set something unique; e.g. my_custom_login
  • Change your wordpress /wp-admin/ URL slug to set something unique; e.g. my_custom_admin
  • Change your wordpress /wp-login.php?action=register to set something unique; e.g. my_custom_registeration

4. Use two-factor authentication to secure login page

5. Use the email address to log in to secure login page

6. Idle users auto-logged out of your WordPress site

7. Monitor your files with security plugins

  • <a href=”https://wordpress.org/plugins/wordfence/">Wordfence </a > is a free plugin available on wordpress plugin directory.
  • <a href=”https://ithemes.com/security/">iTheme Security Pro is available on pro version.</a> Both are plugin provide security against Brute Force Attacks, SQL Injection, Cross-Site Scripting (XSS).

8. Take regular backups

9. Protect the wp-admin directory and set directory permissions

10. SSL (https) cryptography to encrypt data

11. Disallowed or restricted file editing

12. Disable directory accessing list in .htaccess

Final thoughts — Stay up to date and regularly update your WordPress site for security



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



Helping businesses Solve The Unsolved with a tech-first approach to expedite digital transformation.