Protect Wordpress From Hacking
How to protect wordpress Site from Hacking:
Wordpress is a free open source tool which is also SEO friendly and easy to manage websites.But along with these easiness wordpress sites owners faces lot of hurdles and hacking attacks.There are lot of wordpress sites over the internet so there are also lot of peoples who want to break security.
In this threat hackers have no access for to change in your files of website but they will attempt different attacks like SQl injection,DDOS or different kind of attackes.These attackes are used for to make your website ranking or drived some data scrap from your website.At once your website in phase of that kind of attacks then you will receive warning from Google which is harmful for your website ranking. Sometime hackers inject malicious script to footer and this happens due to nulled themes so for that you will remove unnecessary code from footer.php file in theme folder and then sites willb fine. Google point out that your website is Malware if you have that kind of code in your theme so be carefull use paid themes ,or if wanna nulled theme then just check code carefully if u have knowledge otherwise discuss with programmer for to make this fix
Here we can share some tips which are necessary for to safe your wordpress site
1. Limited access of WordPress files/folders
After installation of wordpress you have to check carefully the files/folders permissioning.This is an easy attempt from hacker to access your files if u have global permissions so becareful about this.For this you have to check 1st Chmod of the file wp-config.php & .Htaccess file to 404 (read-only) .
For to safe your website you may also need to give limited access to folder wp-admin by .htaccess & assign IPs from where you want to access your admin panel of wordpress.Under we define a code how to make limited access via .htaccess
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName 'WordPress Admin Access Control'
AuthType Basic
order deny,allow
deny from all
# whitelist Tuan's IP address
allow from xx.xx.xx.xxx
# whitelist Brian€™s IP address
allow from xx.xx.xx.xxx
# whitelist Work IP address
allow from xx.xx.xx.xxx
In that code xx.xx.xx.xxx is your IP's from where you want to access your admin panel.You will copy that "allow" code for to make more IP's .
If you do not want to make change in .htaccess file then you will use CHMOD permission system for to stop un necessary access and make this 101 permission.
2. WordPress up to date
As well you know wordpress in open source system for blogging and there are lot of peoples work for to make this more efficient so wordpress updates available when it become.It is very easy to make update wordpress.Just login to your wp-admin and in Tools>update section you will see if new update came.Dont use old copy of wordpress and plugins so make this up to Date,it will reduce threat of hacking.
3. Use ReCaptcha whereever its possible
For to make more secure your system you use captcha system in forms where user have ability to put data like (registration,contact us,comments).When you will use Captcha system in user input area's then it will reduce spamming and also will safe your website from hackers.
4. Make WordPress version Hide
Another easy way for hackers to attack by find out wordPress version and then check security holes for to make attack.So for that you may hide your wordpress version.For this you have open header.php file and delte meta tag for name="generator" content="WordPress" in head section