As I am going to discuss about how to Secure WordPress Site? Before protect full site security you must secure WordPress login page. I am going to share some tips with details for you. I am not telling you to follow these tips, but you should implement these into your site for your website security. If you can not secure your main door you can not secure your full home. So at first you need a super protection for your main door of WordPress Website. The main door is the login page.

Here you can see some plugin I have mentioned and some script. But don’t worry, without coding knowledge you can do it. I will show you everything with a screenshot.

Let’s Dig Into secure WordPress login page –

Lockdown the Login Page: You can use a simple plugin for Lockdown your login page when someone tries multiple time login with wrong username and password. Hacker sometimes run a script for login into a site dashboard. When you Lockdown the login page hacker can’t access your login page. Use Login Lockdown or iThemes Security for lockdown your login page.

2 Factor Authentication: Use 2 Factor Authentication for login into your WordPress site. You can use your personal mobile number or E-mail Address for getting 2 Factor Authentication code. This system will increase 50% more security for protecting your WordPress login Page.

Never Use Admin as Username: When you create a new WordPress hosted website your admin name is “Admin” by default. You must change this username. Use some uncommon username. It will be better if you follow the following tips for your username section.

Use E-mail Address: You can use E-mail address instead of the username for login a WordPress website. 100% hackers tries to login a WordPress site with username. You can hack, hackers this idea for increase your login page protection.

Rename The URL Login Page: When you create a new WordPress hosted website you can see that you WordPress login URL is “yourdomain.com/wp-admin”. You have to change the wp-admin section. There is some trusted plugin into wordpress.org for changing the login URL. You can use Rename wp-login.php plugin. After install and active this plugin, you have to go to Settings>Permalinks. In permalinks section, you can change your login page URL.

Remove Login Links: If your site contains any login links, remove all of them immediately. Most new site contains Meta widget into the sidebars and into Meta widget anybody can see the login URL. So remove the Meta widget now.

Password Generator: I suggest you to use strong password generator for secure your password. Your can normally can do it too. Use uppercase & lowercase letter with some different symbol. I don’t recommend you to use an extra plugin for it because I always prefer to use little plugin into my personal websites. You can use this simple site for generating a strong password.

Change Your Login Error Messages:  When someone retype wrong username and password for login, you can show unique login error message by this system. Just paste the following snippets code into your theme function.php file and save it. You can include more random message to them who tries to login your site with false username ans password. I have included 3 custom message in this following function. But if you want to include more custom message or change this 3 custom message you can do it.

Conclusion: These tips will close a single window for hacker so that they can not hack your username and password. You always want to secure your home from the thief, hackers are like a thief for your website. You should do all necessary step for protecting your Website. I just can show you path, but you have to do it.