By Marko Saric
Published July 4, 2013 
Is your WordPress blog safe from malicious people?
Would you like to make your WordPress blog more secure?
Most often, people don’t think about security measures until it’s too late. But there are some simple steps you can take to keep your blog safe.
A blog that has been hacked can suffer from loss of content, stolen data and expensive downtime. Maintaining the security of your blog helps you protect your reputation and provide your visitors with the best service possible.
Because WordPress is such a popular platform for blogging, it’s a regular target for hacking attacks launched by people who find and exploit weaknesses and vulnerabilities in websites.
Here are 5 simple security measures that you should implement on your business blog today to protect it from hacking attacks.
Hackers look for blogs that use the default WordPress admin username because it’s half of the information they need to gain entry to your blog. When you use “Admin” as your username, you save the hacker a lot of time. All they’d need to do next is to figure out your password. Once that happens, they can enter your blog and do whatever they want.
The first step in making your blog secure is to create a new user profile for yourself and delete the default admin username. This makes it more difficult for someone to hack into your business blog.
To create a new username profile, open the WordPress admin navigation, go into Users and click on Add New.
Create a new user profile and change the role to administrator.
Fill in your details and make sure to give yourself the role of an administrator so you have the ability to make any necessary changes on your blog. After your new username is created, log out of your WordPress dashboard and log back in with your new user details.
Go back into Users and delete the default admin user. At this stage, WordPress gives you the option to transfer the posts authored by the admin user to your new user profile; choose that and you won’t lose any of your content or data.
No matter how much awareness is raised around the danger of using a simple password, many people continue to use simple passwords that are easy for them to remember. Unfortunately, this also makes those passwords easier to crack.
It’s important that you use a strong and secure password. It should be a minimum of eight characters long with uppercase and lowercase letters, numbers and special characters.
To change your WordPress password to a stronger character string, go into Users and choose Your Profile. At the bottom of that page, fill in the New Password fields.
WordPress interface for adding a new password.
Make this a requirement for every member of your blogging team as each login password presents a potential gateway for hackers to try to enter.
In response to security vulnerabilities, the WordPress software, themes and plugins are regularly updated with the latest patches and fixes.
When a WordPress update is available, you’ll see a prominent notification across the top of your dashboard.
You’ll see a yellow notification banner across the top of your WordPress dashboard when there’s a new update available for you to install.
Updating is a simple 1-click process in your dashboard so you won’t need to leave your browser or do any manual uploading via FTP.
Backing up your database is an important part of keeping your blog secure.
WordPress makes the backup process simple with both free and paid options. WP-DB-Backup, a free option, is one of the most downloaded WordPress backup plugins and is a simple solution for beginners.
To install WP-DB-Backup, go into Plugins and choose Add New. Type “WP-DB-Backup” in the search box. Click Install Now and then click OK.
It’s easy to find and install a plugin to back up your blog. Under Plugins, click Add New and search for WP-DB-Backup or another backup plugin.
From the Plugins screen, Activate the plugin.
After the plugin has been activated, you’ll have a new addition to your navigation in Tools named Backup. From Backup, you can either back up your database immediately or you can set the backup to occur on a regular schedule. The backup files can be downloaded to your hard drive or sent to your server via email.
WP-DB-Backup gives you the option to save to server, download or email.
You’ll appreciate knowing you always have an up-to-date backup of your blog in the event something does happen.
The Limit Login Attempts plugin is especially useful in helping to repel brute-force hacker attacks by blocking access to the login page after a series of incorrect login attempts have been made. As administrator, you decide how many login attempts to allow before the plugin launches the block.
Install this plugin by going into Plugins and choosing Add New, just as you did to find the WP-DB-Backup mentioned above.
This time, search for “Limit Login Attempts,” click Install and then OK. Activate the plugin from the Plugins screen and you will have a new Limit Login Attempts option in your Settings.
To set the number of allowable login attempts and other limits, click on Limit Login Attempts, fill in the options and click on Change Options to save your work.
Limit Login Attempts plugin settings in your WordPress dashboard.
Bonus Tip: Here’s one last tip to help keep your blog safe. Remember to research any plugins you are interested in. This is one tactic used by others to try to attack your blog. So only install plugins from reputable sources and check the reviews on WordPress.org.
Keep your business blog safe.
These are five things you can quickly put in place to help make your business blog more secure. They will go a long way in protecting your blog from the majority of hacking attempts and give your blog more security than many of the other blogs published today.
What do you think? How often do you think about the security of your blog? What other precautions do you recommend to keep a blog safe? Write your comments and questions in the box below.
About the Author, Marko Saric
Marko Saric is a bloger at HowToMakeMyBlog.com, a site that teaches you everything you need to know on starting a blog and making it a success. Other posts by Marko Saric »
Is your WordPress blog safe from malicious people?
Create a new user profile and change the role to administrator.
WordPress interface for adding a new password.
You’ll see a yellow notification banner across the top of your WordPress dashboard when there’s a new update available for you to install.
It’s easy to find and install a plugin to back up your blog. Under Plugins, click Add New and search for WP-DB-Backup or another backup plugin.
WP-DB-Backup gives you the option to save to server, download or email.
Limit Login Attempts plugin settings in your WordPress dashboard.
boostmypresence 