How to secure an existing WordPress installation?

Here we will list some steps through which you can improve the security of an existing WordPress installation:

- If you have manually installed your WordPress, the default administrator username will be admin.  You should change this to something harder to guess. To do this, log in to your WordPress admin area, go to Users and create a new user with Administrator role.  Once the account is created, log out from your admin area, log in with the new account you created and delete the old one.

- Restrict access to the wp-admin folder only for your IP.  You can easily do this by placing a .htaccess file in the wp-admin folder containing the following lines:

Deny from all

Allow from <Your IP>

You can see what is your IP at this URL.

- Restrict the access to most files in the wp-includes and wp-content folders. The access to everything except images, CSS and JavaScript files can be blocked. To do this, create a .htaccess file and place the following rules in it:

Order Allow,Deny
Deny from all
<Files ~ ".(css|jpe?g|png|gif|js)$">
Allow from all
</Files>

- Protect the wp-admin folder with a password. 

- Keep your WordPress, as well as the WordPress plugins updated to their latest versions.

You can check your WordPress installation for vulnerabilities using this online scanner.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to Leverage Browser Caching

Add these rules to your .htaccess file in order to reduce the load times of web pages by storing...

Why BackupBuddy fails to send backups to a remote server

When backing up to a remote server, the successful completion of the process relies on many...

How to Disable Theme Editor and Plugin Editor in WordPress Admin Panel

WordPress allows you to edit your plugin and theme files directly through its admin panel....

How to Modify my Title Tag in WordPress

To modify the title tag of your index page you need to login to the WordPress admin area and go...

How to Change my WordPress Subheading

The majority of WordPress themes take the subheading text from your blog's tagline. To edit it,...