I’m constantly blown away by the attacks we see on our WordPress sites. The amount of security that is required to keep a web site being hacked is significant. I’m currently a series of WordPress plugins to keep the attackers out but we get at least one phone call from someone getting hacked.

  1. Strong password
    Make sure to have a strong alphanumeric password with upper and lowercase letters.
  2. Delete the admin username
    Deleting the admin user name is the first step in securing your web site. Replace it with a unique user name which attackers will have trouble guessing.
  3. Disable file editing from dashboard
    Disabling the ability for a user to edit theme files
  4. Hide WordPress version
    Hiding the WordPress version gives your web site a advantage