I’m constantly blown away by the attacks we see on our WordPress sites. The amount of security that is required to keep a web site being hacked is significant. I’m currently a series of WordPress plugins to keep the attackers out but we get at least one phone call from someone getting hacked.
- Strong password
Make sure to have a strong alphanumeric password with upper and lowercase letters.
- Delete the admin username
Deleting the admin user name is the first step in securing your web site. Replace it with a unique user name which attackers will have trouble guessing.
- Disable file editing from dashboard
Disabling the ability for a user to edit theme files
- Hide WordPress version
Hiding the WordPress version gives your web site a advantage