Secure WordPress Site – Protect WordPress WP-Admin Folder From Hackers
Security is necessary to our personal life or virtual life. Our personal Website seems like our personal home. It’s important to Protect WordPress Site From Hackers now. You have to secure your WordPress site for your security.
A Secure WordPress Site is necessary for running a secure business. WP-admin folder is the mother of a WordPress Website.
Make a Custom Job For Us on Envato Studio & We will Secure Your Full WordPrss Website.
7 Important Tips To Protect WordPress Site From Hackers:
Watch the following 2 minutes 24 seconds video from Webucator, a provider of WordPress training, if you prefer video instruction:
01. User Password for WP-admin Folder: There are two methods for use password into your WP-admin folder. Don’t worry I will share details with images. One method is for general Cpanel user and another method for code lover 😀 . It will be easy for you to protect WordPress WP-Admin Folder From Hackers.
Use your Cpanel to protect WP-admin folder with Password: Go to your website Cpanel and login with your Cpanel user and password. You will see an option named “Directory Privacy” or “Password Protect Directories”.
Just click into this option and press go button or next button. If you are running more than one site using one hosting, then select the domain name where you want to use a password for the WP-admin folder (For privacy I have blurred my site address ).
Now you can see all folder of your selecting site. You can protect any folder with password from this section.
Just make a click into the WP-admin folder name and you can see the final step for protecting the WP-admin folder with password. You know that password is case-sensitive. So be sure that is your Caps Lock key is on or off. Now make a strong password to protect WP-admin folder.
Simple Coding Method For Protect WordPress WP-Admin Folder From Hackers: For woking with simple coding method you have to create a .htpasswds file. Create this file into your PC or Mac directory. You can easily create a .htpasswds file with Online Htpasswd Generator. After generating your .htpasswds file, upload it outside of /public_html/ directory.
Now it’s time to create a .htaccess file with the following code.
AuthName "Admins Only" AuthUserFile /home/yourdirectory/.htpasswds/public_html/wp-admin/passwd AuthGroupFile /dev/null AuthType basic require user putyourusernamehere
Hey, Don’t upload this .htaccess file now. You have to change everything into this .htaccess file. This is just a demo format for you. Update this .htaccess file format with your .htpasswds file username, Directory. Now you have to upload this .htaccess file into /wp-admin/ directory.
02. Stay Up-To-Date with WordPress core and your Plugins: Keep update your WordPress version and other plugins. Don’t disable your WordPress update notification. When you get any update notification, just update it without any doubt.
03. Delete Old Admin After creating New WordPress Site: After creating a new Website with WordPress, just delete the admin user after creating a new user as administrator. Never use admin as your username.
04. Create Editor Account: I know every site has it’s own blog and sometimes admin publish the article with his/her administrator account. Here my suggestion is to create a new user as Editor. Because, author name always visible to the visitor. It’s easy to the hacker to find out an administrator via blog post. But if you create an Editor account and somehow hacker can hack this account but the hacker can not harm too much.
05. Implement SSL into login and admin page: If you need full protection for your website, please use SSL service for login and admin page. Sometimes it takes 500+ years for the hacker to broke your login and admin page security for the hacker.
06. Check File Changes: I highly recommend anyone to use Acunetix WP Security for remove unnecessary scripts and code.
Conclusion: Follow these 7 step for protecting your any WordPress website. The Website is secure means your business is secure.