Ultimate Tutorial to Make your WordPress Blog 100% Secure

May 17th, 2009 - Hacks, Tips & Tricks, WordPress

Every WordPress blogger wants to make his blog 100% secure so that no hacker could hack it. So, I had written a tutorial to do it:-

1. First of all add the following code at the beginning of your public_html/.htaccess file:-

Options All -Indexes

2. Add the following code according to the type of your ip address in wp-admin/.htaccess

Static ip address:

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “Access Control”
AuthType Basic
order deny,allow
deny from all
allow from xx.xx.xx.xx

You will have to change the xx.xx.xx.xx to your static ip address.

Dynamic ip address:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REMOTE_ADDR} !^xxx\.xxx\.
RewriteRule .* http://www.kishan.info/ [R,L]
</IfModule>

You will have to change the xxx.xxx to your dynamic ip address’s first six numbers. For example, if you dynamic ip address is 111.111.111.1 then you should change it to 111.111. After doing this you’ll be only able to access the wp-admin folder if your ip address starts from what you have given in the htaccess file.

2. Change your user from admin to something else. If you don’t know how to do it then follow the tutorial:-

a. Go to Users -> Add New and fill up the details. Select “Administrator” as the role.

b. Logout from the admin account and login to the new account.

c. Goto Users and delete the admin account.

d. Check the  button and select the newly created user name in the drop down box.

e. Now click on Confirm Deletion.

3. Download the following plugins and install them:-

WP Security Scan – It will perform a security check of your blog and tell you what shall be fixed in your blog.

Chap Secure Login – It will send the password encrypted when you login for non-ssl blogs.

Login LockDown – It will block the IP for (user set) minutes after giving (user set) login attempts to block Brute Force and Dictionary Attacks.

If you don’t know how to install WordPress plugins then goto this link and follow the instructions given there.

4. Change your WordPress database prefix. If you don’t know how to do then go to this link and follow the tutorial.

Some tips which you should follow:-

  • All always update your WordPress version and plugins.
  • Change your admin password weekly.
  • Choose a unique password with uppercase, lowercase, numbers, spaces and special characters (e.g. K!$_h@N) and never use it in other websites.
  • Never tell anyone what plugins and WordPress version you are using.
Share |


Subscribe to the newsletter:


Related Posts:

Popular Posts:

Random Post »
  • Nice post dude...
  • nice article....
  • Such a awesome site. I am saving this page.
  • +1
  • yep
  • very informative article... I would like to use a piece of this on my blog, is that feasible?
  • ^^Make sure that you give credits to tech-Know kishan where you have copied the info.
  • Very good concept, I like how you convey the message.
  • +100
  • ^^Whose theme? My blog's theme?
  • Teagan
    What theme is this? Can't wait to start my own blog. :)
  • ^^Whose theme? My blog's theme?
  • Henry
    Thanks alot for the great read.
  • day_forex
    I like this website very much.

    This is such a great site.
    And it is not like other money directed website, the information here is really important.

    I am definitely bookmarking it as well as sharing it with my friends.

    :)
  • Taliyah
    Thanks alot for the great read.
  • Wayne O.
    I was going to write a similar blog concerning this topic, you beat me to it. You did a nice job!
  • Kaeden
    I am really glad I found this blog. Great Job! :)
  • Really nice posts. I will be checking back here regularly.
  • Anonymous
    Awesome!
  • Hi, I can’t understand how to add your site in my rss reader. Can you Help me, please :)
  • ^^Add the following URL in your RSS reader:
    http://feeds.feedburner.com/tech-Know_kishan
  • Anonymous
    Great site. Keep doing
  • dadies
    nice job men:)
  • fabrika
    Good Job!!
  • The best information i have found exactly here. Keep going Thank you
  • Thanks for taking the time to write in. We aim to update out blog at least on a weekly basis.
  • nfaze
    Thanks!!
  • itzgerald
    Thanks
  • Clothing
    Wow! Its imposible... I'm realy shocked :/
  • vintage
    Nice blog!
  • taging
    Thank youuuuu!!! =)
  • dafdaf
    Thanks!
  • pills
    I apologise, but you could not give more information
  • optura
    It is the coolest site, keep so
  • corimex
    Hope it will always be alive
  • coop
    I recently came across your blog and have been reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
  • asss
    I want to say - thank you for this
  • usniroo
    Thx.
  • farerase
    Hey! Muchas gracias!
  • alhadass
    AWSOMENESS!!!!!
    thank for helping a brotha out dude!
  • znak
    Thanks for post
  • ElenaLisvato
    As a Newbie, I am always searching online for articles that can help me. Thank you
  • LnddMiles
    Great post! I’ll subscribe right now wth my feedreader software!
  • Anonymous
    Pretty cool post. I just stumbled upon your blog and wanted to say that I have really liked reading your blog posts. Anyway I’ll be subscribing to your blog and I hope you post again soon!
  • KonstantinMiller
    Hello, can you please post some more information on this topic? I would like to read more.
  • I'm glad that after surfing the web for uch a long time I have found out this information. I'm really lucky.
  • gammamrketua
    You have very good site!
  • ^^Thanks for telling me about it. :smile:
  • Hi nice article do update WP Security scan version 2.7.1 is available
  • thanks for the article!
    more upgraded
  • KrisBelucci
    da best. Keep it going! Thank you
  • Nice post. Really a useful information for wp users.
blog comments powered by Disqus