Here are the 10 tips to save your website from hacking. Have you ever faced problems of someone trying to access the backend of your WordPress website with your IP address and with the username of Administrator or admin. Well, if your answer is yes, then you are not the first one who has been the victim of the bad guys out there on the internet. If your answer is no, then wow, you are a lucky few. But you need to act now before your luck runs out.
In this post, I will explain you 10 tips to save your website from hacking and from stopping people accessing your administrator account.
10 tips to save your website from hacking:
- Set the right username: While creating the administrator account do not create the administrator username like “Administrator”, “admin”, or “webmaster”. These are the sweet spots for the bad guys sitting out there.
- Change the username, in case it’s not set correctly: In case you have already created your administrator account with the username as “Administrator”, “admin” etc. change it immediately. You will not be allowed to change this in your WordPress admin panel. You will have to change it in your MySQL database. Learn how to change the username in MySQL
- Change the backend admin panel URL: Hackers typically try to access your backend by targeting yourdomainname.com/wp-admin, so you need to change this path. One of the easiest and the best way is to install Ultimate Member Plugin. This is a Free Plugin. This is truly an Ultimate Plugin for user registration and management. Though the primary aim of this plugin is different, but this also provides us the solution we are looking for changing the backend url. Once you have installed this plugin, your back end to access the admin account will be changed to www.yourdomainname.com/login
- Use reCAPTCHA: In addition do install the reCAPTCHA plugin for the Ultimate Member Plugin
- Install Akismet: When you install WordPress, by default, Akismet is also installed. Make it a point to activate this plugin.
- You can trust on Wordfence: If you still want more protection, you can install WordFence. This is also a Free Plugin. Though they have a pro version also, but that is actually not required.
- Install Jetpack on your website: You can also you the Jetpack security feature if required.
- Remain updated at all times: Always keep your WordPress and all the plugins update.
- Go back to the basics: Never share your Administrator details with anyone.
- Change your password: In case you are hiring a freelancer for certain development and you have shared your admin details, then do not forget to change it immediately as soon as the work has been completed by the freelancer. Also you should change the password frequently.