5 Ways To Improve Your WordPress Website Security

Website Security

Image by ‘AaronPatterson’

WordPress is a very good platform for blogging.  Apart from the fact that it is user friendly; it provides you with so many tools where you can monitor and relate with your readers.

However, as you make more friends and get more subscribers/traffic, remember that not everybody that is coming to check out your content is friendly, so you have got to tighten up your website security to avoid being a victim of the enemies who may go ahead and hijack online contents.

There are various measures you can take to secure you WordPress blog from Hackers.

Tips To Improve Your WordPress Website Security

1.  Update WordPress Regularly

WordPress is regularly updated so that you can optimize your platform with new features, some of the features include some security programs that could level up on website security.  Always make sure that you update your version of WordPress to the latest edition as this makes your site more secure than before.

Updating the WordPress platform may bring a deformation to some of your plugins; this is an opportunity to refresh your WordPress plugins as well as changing some to optimize your blog performance. Most times, it is better to stick to the plugins provided by WordPress to keep your security from alarming. It is always better to keep a backup of your database before making any upgrade, and all can be done through your dashboard.

2. Install an Encrypted Login Plugin

The WordPress software does not have the Encrypted Login facility by default, therefore, the best solution is by installing a plugin that enables these features.  An example of this is the ‘Chap Secure Login‘ that makes use of SHA-256 algorithm to protect your password and username. Another useful plugin is the ‘Login Lockdown‘, which is helpful in blocking IPs that tracks down repeated failed attempts to access sites. The ‘CAPTCHA’ plugin is also another that can help secure the WordPress blog, RetinaPost introduces user to enter highlighted characters from a phrase.

3. Change the Default Admin Username

The brute force software is a very strong tool by hackers to crack usernames. The WordPress when set up set admin as the default username, changing it gives you a chance to gain more security over hacking. You can create a new administrator account, and delete the default one, it is better to do this before writing an article with that account, or else, every post through this name goes with the deletion. The most effective method you may use for this is to access your blog’s “php MyAdmin”, choose “WordPress database“, look for the “wp_user table” and find the admin username with the “Browse” icon, then find the “user_login” column, edit on the correct row, and change the “admin” to your login name of choice, hit the “Go” and that’s all.

4. Hide “Powered by WordPress”

Hackers have different methods and tools to attack different platforms, you can make it more difficult if you hide the platform you are using.  A good way to do this is to hide the “Powered by WordPress” at the bottom of each page on your site.

This information is available on the “footer.php” file by default. On your dashboard, select Appearance>Editor. There are different themes on the WordPress dashboard and they require different method of hiding the ‘Powered by WordPress’ text. You can go through some online tutorials to learn how to remove the text.  If it is a PHP code, you can carefully follow the thread to remove the code. Please do not touch anything if you don’t know how to use the php coding.

5. Regularly Keep Backups of Your Site!

Sometimes, despite making your site as secure as possible, you can still fall victim to security breaches.  That is why it is very important to regularly keep a backup of your site so that you will be able to easily restore you files should a problem occur.

Some backup service includes ‘Cloudsafe365‘, you may combine cloud backup with some secure tools against techniques such as cross site scripting, monitor content theft and SQL injection. Dropbox also offers a very good backup service.


WordPress has tried to remove security features on its platform, but  it is ultimately up to you to make sure that your site is as secure as possible.  Hackers can find it fun just to disrupt your service; therefore, you have to try your best to optimize your security technique as much as you can.

Thank you to my Guest Post Author: Konga Felix

Konga is an Internet-preneur, who majors in blogging.

About OIT Author

This post was written by a guest author. Please see their details in the post above. If you'd like to write for OnlineIncomeTeacher, then check out our write for us page for details about how YOU can share your tips with our readers.

  • Andi Leeman

    Very useful post, doesn’t just tell you what to do it gives details on how to do it. Changing the admin login in the php file and the same for removing the powered by WordPress from the footer. Most people wouldn’t have a clue where to go and what to do, this post really helps them which I think is brilliant. Great post Konga. 🙂

    • Hi Andi! Yes, I think Konga did a great job writing this post for us.

      I remember when I was setting up my security when I first started the site. Was a pain when reading other posts that said to do X but didn’t tell you how.

      I think a lot of people neglect their website security. True, you may not get hacked, but it’s certainly better to be safe than sorry.

  • Have done most of these, but didn’t think to use an encrypted login plugin. Thanks for the tip!


    • Hi Thomas! Yeah, encrypted logins are a great way to add another layer of security to your site.

      People always think of hackers as code breakers that can get into sites in a cleaver way. In reality, most hackers are people who just keep attempting to log into your site the same way that you do! That’s why encryption is so good.

  • danica003

    There are many ways on how to enhance your wp security such as by backing up your files. Bloggers must understand that it is very important to secure their websites and blogs because of the increasing rate of hacking. These strategies are often shared in blogs like these to help the marketers secure their sites.

    • Yes, backing up your site is EXTREMELY important! Not only does it protect you from hackers (as you have a 2nd copy of your site) but you also have a copy should you get any technical problems.

  • Simple But Really Very Effect Steps to Tighten your wordpress Security.

    • Often, the simple methods are the most effective.