Improve your WordPress website security in 5 minutes

WordPress is currently the most commonly used content management system on the web. It’s well supported, open source and easy to use. There is a downside, however – its popularity makes it a prime target for hackers.

Installing the following plugins can help keep your WordPress website safe.

WPS Hide Login Plugin

Most WordPress websites are accessible via the wp-admin.php file, such as: https://www.yourwebsite.com/wp-admin

WPS Hide Login is a lightweight plugin that simply allows you to choose an alternative URL, such as: https://www.yourwebsite.com/loginhere

The wp-admin page returns a 404 error, which makes it more difficult for hackers to use brute force entry.

Read more and download the WPS Hide Login plugin.

Loginizer Plugin

Loginizer blocks IP addresses that try to login multiple times with incorrect passwords. You can set the number of password failures and the length of the timeout. It’s easy and effective – so much so that many WordPress hosts install it as standard.

Read more and download the Loginizer plugin.

Wordfence Security Plugin

Wordfence is a paid-for premium plugin with a limited free version. The free version is certainly worth installing before deciding whether to upgrade to the paid subscription.

Wordfence can permanently block IP addresses that try brute force logins. You can also manually blacklist IP addresses. It will periodically email you with notifications such as when a plugin needs to be updated. It also notifies you of any recently updated files.

Wordfence features a firewall to block malicious traffic. Its malware scanner checks themes, plugins and core files for code injections, malware, backdoors, bad URLs, SEO spam and malicious redirects.

It offers multiple security features and is well worth reading about in more depth here.

Keep your installation and plugins up to date

When you’re running a business, it’s easy to neglect your website for months at a time. It’s worth spending a few minutes every week to make sure your WordPress installation and plugins are up to date.

Be aware, major upgrades can (very rarely) break some of the design or functionality of your website, so it’s important to back-up the site. A great way to do this is with the All-in-One WP Migration plugin. Simply export and download a zip folder backup of your entire website.

Important: before installing any WordPress plugin, check the latest reviews and how recently it was updated. Discontinued plugins, or those that haven’t been updated recently, may pose a security risk. Only install plugins from the official WordPress website: https://wordpress.org/plugins/.

WordPress website design and build in Bristol and the South West

Do you need a new WordPress website for your business? I design and build WordPress websites, tailored to your business requirements. Take a look at my portfolio to see if I would be suitable for your needs.