It’s not possible to stop hacker attacks; however at present there are numerous small operations which will definitely increase the security of your WordPress site, it minimizes the prospect of suffering the maddening problem.
Below mentioned are some of the main guidelines which are has to be followed to protect your WordPress blog!
Permissions of The Folders And Files
File permissions must be the most stringent possible then look where it is possible to give 644 permissions. I propose hypothetical scheme permits, which is adapted from blog to blog.
- The root of your WordPress directory, all files should be writable only by you except. htaccess which must be writable by WP itself (mod_rewrite).
- WP-admin /: administration area, all files should be writable only by you.
- WP-includes /: area of inclusions WP files, all files should be writable only by you.
- WP-content /: area dedicated to users, with all the content that interests you, all files should be writable by all users
- WP-content/themes /: theme folder, if multiple users can change the theme, then you have to open the permissions at all (group), otherwise the files should be writable only by you.
- WP-content/plug-ins / directory: plug-in directory, all files should be writable only by you.
In general I can advise you to give the file 644 permissions, while the folders general have 755 permissions. Moreover if you are on a shared server, it is good to give the file WP-config.php 644 permissions, which means that no other user can read your password to access the database. Setting certain permits may result in incorrect operation of some plug-ins; in this case ask the plug-in files to 755.
How to change the permissions? Use FileZilla to access via FTP, then just right click on the file or folder and choose Set permissions.
Periodic Backup of Files and Post
Council to carry out a periodic backup of your entire WordPress blog, both the physical files of the post, so as to always is covered in the event of file corruption by intruders,
Take a Control
Finally, check out immediately if your blog is suffering from a problem through the secure check.
For the future, you can periodically check the number of pages found by the spiders of Google by typing in the search engine site. In this way you will see more or less how many pages your blog has, so if someone will create many pages of spam, it’ll make you immediately realize.
Always Update WordPress
Keep as much as possible your blog updated to the latest version available because they are often made changes and / or corrections to improve the safety of the blog.
Delete Inactive User Accounts
If you are given the option to subscribe to your blog, you will certainly have to have new registered users….. Here comes the problem, these users often use a very simple user name and password (if not the same coupled used all over the web). By doing so hackers could easily enter in your blog, and somehow create problems. Delete inactive users and set a policy for creating passwords more rigorous, perhaps through a simple plug-in to login Lock also propose that later.