- Most important!!! on the list is "Keep wordpress and its plugins updated". There are pretty much wordpress and plug ins weekly. Sometimes it seems they are coming out on a daily basis. These updates contain security fixes that help keep hackers at bay.
- Change the default admin username to something other than Admin. The easiest way to do this is create a new user account in WordPress (give it admin access). Then login with that username and delete your old account.
- Remove the "Hello World!" post that is installed by default. This post leaves discussion open and is generally getting spammed by bots with comments.
- Install the following security plugins:
- All In One Security and Firewall - GO through this plug in and read everything and follow recommended setup.
- Project Force Field - Read the plugin description for details.
- Use strong password. After installing All in One Security and Firewall you can use it to depetermine the strength of your password by going
Change the Nick Name in your user profile to something other than your login username.- WP Security
- User Accounts
- Click on the Password Tab.
- If your website is not a duscussion based blog then it is highly recommended that you turn off commenting. As there is no real way to turn this on or off you simply go to Settings/Discussion and Check Mark "Users must be registered and logged in to comment"
This helps tremendously with keeping your site secure. If you need help or would like us to handle this for you let us know. The list above is just some basic steps, there are numerous more advanced ways to secure your site.
