WordPress is an awesome publishing software and Auttomatic (the company behind WordPress) always tries hard to secure it so that millions of blogs can be safe from hacker threats. Recently TechCrunch the world’s biggest blog, got hacked twice in a short time frame of eight hours.
- Don’t install WordPress in the root directory. Install it in some folder with a weird name which is not easy to know.
- Change the WP prefix of database tables. It will save you from sql injection hacking.
- Never use the admin account. After installing WordPress, you should change the administrator user name.
It encrypts your admin password when logging in without the use of SSL. This is the best plugin if you want to encrypt your passwords and don’t have ssl certificate to use.
This plugin enables you to create custom wordpress admin links to login and logout. By default you will login at http://yourdomain.com/wp-admin but with this plugin you can replace that wp-admin with any word hence only you will be able to access the login page.
AntiVirus for WordPress monitors malicious injections and warns you of any possible attacks. It saves your blog from spam injections. A must install for every one.
This plugin checks the necessary ftp permissions and htaccess permissions so that if there is something wrong you can set it up. You can uninstall it after checking.
Backups Backups and Backups
The best approach is that you should atleast back up your WordPress database once a day and the whole directory once a week so that if something gets wrong, you can easily restore the backup. You can use WP Database backup for this purpose.