If you don’t think about your website security then in the future maybe you will be a victim of an attacker. Nowadays maximum people having their own website maybe it’s for blogging, selling products, services, or anything else. But remember that, there is some bad guy who belongs with us but We can’t recognize them. So every time they try to breach your website security to hack your website for their own profit. Now the question is how can I save my WordPress website from being hack? Ans: Don’t worry I will show you how can you save your website from getting hack, Just follow my articles.
Table Of Content
- 1 Don’t share Your Credentials
- 2 Hide Your Admin Panel
- 3 Use the DOS protection:
- 4 Sanitize your input field & file upload field
- 5 Don’t use null theme and plugins
- 6 Update Your Website
For your kind information, I let you know that the maximum website getting hacked by sharing login credentials with his friend or someone else. Maybe today you trust that guy and share your credentials with him/her, but tomorrow for some reason you being an enemy in front of him/her. So he/she wants to damage your property and he/she has your login credentials now he can do anything with your website as her/his wishes without your knowledge.
So, trust in yourself and don’t share your login credentials with anyone.
Hide Your Admin Panel
Hide your login panel from other visitors. Maybe they got your login credentials but he needs to login panel to put that username and password to access your website. So, you can hide your admin panel using this plugin WPS Hide Login.
How To Use:
Go to the Plugins Section > Click on add new > Search this Plugins WPS Hide Login > Click On Install > Activate this plugins.
After complete, this above step then goes to the settings you will see one option is there which is WPS Hide Login. And do the same things which you can see in the images.
Use the DOS protection:
DOS (Denial-of-service) attack can create a huge impact on your site if your site is hosted on a normal hosting. By this attack, an attacker generates the fake traffic and sends it to your website so after getting this huge traffic at the end time your site can’t hold any traffic anymore and your website will be crash, for more details about DOS ATTACK you can see (Readmore). So for this attack, we can use Cloudflare Protection on our website. Here is the documentation, Before using the Cloudflare protection please read this.
Sanitize your input field & file upload field
In most of the cases website owner forget to do sanitize the input field which takes input from users like the contact us form page or support form page. In that field, a website owner takes feedback from a user for good purposes but if someone puts malicious code or uploads a backdoor/shell then your site will be hack by him. So, basically, you have to sanitize all the input field which is openly available for the visitors.
Ex. If you have an option where you want that visitor to upload an only image file, then you must need to sanitize that file whether it’s an image file or not. Same things you can do with the text fields.
Don’t use null theme and plugins
I recommended to everyone please avoid nulled themes and plugins, Because in most cases attacker injects the backdoor into the theme or plugins file without your knowledge. So when you install that theme or plugins into your WordPress site, then your website will be hack by this attacker. But I know that most of the bloggers has not enough money to purchase the original theme, That’s why they use nulled theme. But I recommend that before installing that null theme and plugins please check the file whether there is any backdoor or not, you can scan that theme or plugin file by using VIRUS TOTAL, This website allows us to scan any file into their website.
If you need any theme and plugins then ask me I will provide that file to you free of cost 🙂
Update Your Website
Please update your WordPress version, theme, plugins to the latest version. Because it will increase your website security.
If you follow all the above steps then your website will not be hackable anymore. But remember, you have to know that security is an illusion so be alert. 🙂