loading...
Protecting the WordPress Admin section and the login page is important.
Hackers can attack your website with the certain script, but you can also be a security risk to your own website.
It is all about everything that is set up correctly and not just let everyone register and the like. Fortunately, you can easily protect your WordPress administrator section with some simple tips that follow in this article.
Choose strong login data
Strong login information is extremely important and this is not just for your own website, but also for your login information on other websites.
You must make sure you choose a good username (no admin). Have you opted for the username admin when installing WordPress? In the article " Delete Username in WordPress", you can read how to customize this.
Additionally, make sure that the password is long and has a variety of characters, numbers, and symbols. Short passwords are now easier to crack. Certainly, if the normal words are. Also, do not always use the same password for all websites, this is very unwise.
In addition, not only your login information is important. The login details of other administrator accounts on your WordPress website are just as important. So make sure everyone has a strong password.
Tip: In order to generate a strong password, you do not have to worry too much. Login to your website and go to "Users -> Your Profile". In the User Management header, you will see a "Password Generate" button, where WordPress creates a strong password for you.
Make use of 2-step verification
2-step verification, also known as Two Factor Authentication (2FA), is a method of protecting your account. In addition to your username and password, you get an extra unique code or token through your smartphone.
So when someone wins your login information, he or she will need an additional code to actually log in.
For WordPress, there are a variety of plugins that can help you with 2-step verification. For example, you can use plugins like Google Authenticator, Keyy or another plugin.
Limit login attempts
With brute force attacks, an attempt is made to retrieve your login information by automatically executing and testing all kinds of combinations. It's a popular way to penetrate a website. It is therefore wise to limit the login attempts that may be made.
There are several plugins available to help you with this. Even so, there are hosting providers who have already taken action and set an additional screen between the login screen to know automatic scripts.
When you want to limit the login attempts with a plugin, you can look at plugins like Login Lockdown.
Hide WordPress login page
An option you still have is to hide the login page of your WordPress website for the outside world. However, sometimes it may cause conflicts with some plugins, making it a doubt between ease of use and security.
The advantage of slug adjusting the login page is simply that the scripts do not search for this page, they are purely focused on wp login.php.
A plugin that you could use to change the slug of WordPress login page is WPS Hide Login. Of course, you must remember what you adapt it to.
Determine the user role per user
Too often, I see that people for other people who can work on the website have the user role Administrator. Each administrator is, in principle, an additional risk to your website, because this user can really be everywhere.
Does anyone write for your website? Then give it the Writer or Editor role. The writer can still be anywhere wherever he or she should be able to.
If you want to go one step further, you can customize user roles with a plugin like User Role Editor. With this plugin, you can customize all user options as desired.
Furthermore, it is also useful to remove users who are no longer active on your website. If you want more information about giving the right user role, you can read the " Always Read the Right User Roll in WordPress " article.
Conclusion
When it comes to the security of your website, there are a lot of things you can think of. A simple part is to control who can get in on your website.
Do not pay attention to this at all, do not look strange when it's going wrong and it has an impact on your website.
In this article, I have given you some tips that you might think about. It is your choice whether or not to do something about it.
Post A Comment:
0 comments so far,add yours