10 Basic Tips to Keep Your WordPress Blog Secure

August 31st, 2009 by Lax

90% of the serious bloggers out there are using WordPress as their blogging platform. Where there’s a crowd, there will obviously be robbers; here we call them hackers. Of course WordPress is more secure than any other platform. But remember that hackers are smarter & more intelligent than programmers. So, be cautious & keep an eye on your online presence at every moment…


# 1 Keep Up to Date

The first thing you have to do is keep your WordPress & plugin collection up to date. You will see notifications in your admin panel from time to time, or you can just install the Auto upgrade plugin, which will do the task for you in just 5 clicks. It will take care of the backup too.

Keep your WordPress plugins up to date too. Just go to the plugins section in your dashboard and click on the auto upgrade to bring your plugins up to date. Keeping everything up to date is the most basic and important step in securing your online presence.

# 2 Beware of Free Themes & Plugins

It’s been found that WordPress blogs have been hacked very often in recent days. The main reason behind this is downloading free themes & plugins from unauthorized sites. WordPress became very popular thanks to its awesome API and the number of themes & plugins available for free.

Hackers are taking advantage of this. Think twice before downloading a theme or plugin, and always download from an authorized site or the author’s site. Here is a detailed article on this: Downloading Themes from 3rd Party sites? Be careful..!

# 3 Limit Plugins Usage

Don’t use too many plugins on your blog. It’s not only for security reasons; it will also improve your blog’s load speed and performance. Limit your plugin collection to 15 at most. Trying each and every new plugin is not at all safe for your blog.

Assess the functionality of the plugin and count the benefits you get from that plugin. By doing this you can judge whether to have it or not.

# 4 Users & Passwords

This is the point where most hackers try to gain access. Keep your usernames and passwords strong & unpredictable. Here are some precautions to note:

  • Don’t use blog name as username
  • Don’t use author names as usernames
  • Don’t use author@123 or something like this as passwords
  • Don’t save your passwords in mails or browsers
  • Use very strong passwords, i.e. a combination of at least 3 groups of characters
  • Keep changing your passwords at least monthly

# 5 Login LockDown

Limit login attempts to your blog, i.e. preset 3 or 4 login attempts, exceeding which will lead to the IP being blocked. You can do this by installing a simple plugin called Login LockDown, which will block spam bots from gaining access by trying combinations of login credentials.

This is a must-have plugin for a WordPress blog. You can set the maximum number of tries to 3, and later you can change it or unblock a specific IP. Here is the complete guide about Login LockDown
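The lockout idea described above, as an added Python sketch that is not the Login LockDown plugin's code. The class name, the 5-minute counting window and the 1-hour block are assumptions; the limit of 3 tries comes from the text.

```python
class LoginGuard:
    """Per-IP lockout: block an IP once it reaches max_attempts failed logins."""

    def __init__(self, max_attempts=3, window=300, lockout=3600):
        self.max_attempts = max_attempts  # the post suggests 3 or 4
        self.window = window              # seconds over which failures count (assumed)
        self.lockout = lockout            # seconds an IP stays blocked (assumed)
        self.failures = {}                # ip -> timestamps of recent failures
        self.blocked_until = {}           # ip -> time the block expires

    def is_blocked(self, ip, now):
        until = self.blocked_until.get(ip)
        if until is not None and now >= until:
            del self.blocked_until[ip]    # block has expired
            return False
        return until is not None

    def record_failure(self, ip, now):
        """Count one failed login; return True if the IP is now blocked."""
        recent = [t for t in self.failures.get(ip, []) if now - t < self.window]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) >= self.max_attempts:
            self.blocked_until[ip] = now + self.lockout
            del self.failures[ip]
            return True
        return False

    def unblock(self, ip):
        """Manual release of one IP by the admin."""
        self.blocked_until.pop(ip, None)
        self.failures.pop(ip, None)

def replay(events, guard):
    """Run (time, ip, password_ok) login attempts through the guard."""
    results = []
    for now, ip, password_ok in events:
        if guard.is_blocked(ip, now):
            results.append("blocked")     # rejected before the password is checked
        elif password_ok:
            results.append("ok")
        else:
            results.append("locked" if guard.record_failure(ip, now) else "failed")
    return results

# Constructed attempts; the IPs are from documentation address ranges.
EVENTS = [(0, "203.0.113.5", False), (10, "203.0.113.5", False),
          (20, "203.0.113.5", False), (30, "203.0.113.5", True),
          (40, "198.51.100.7", True), (4000, "203.0.113.5", True)]
```

Counting per IP does not slow guessing spread across many addresses, so the strong passwords from tip 4 still matter.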

# 6 Hide Directories

To know whether you need to take this measure, try this experiment. If your blog is located at, say, http://www.yourblog.com/, type http://www.yourblog.com/wp-content/plugins/ in your browser. If you see a listing of all the plugins you’ve installed in your blog, this section applies to you.

Showing your list of plugins to the public is nothing but showing the loopholes in your blog. By seeing your list of plugins, hackers can find loopholes to hack your blog. Here is how you can hide them by using .htaccess

# 7 Hide/Remove WordPress Version

Right-click on your blog page, go to view page source and try to find your version number there (simply press Ctrl + F and search for 2.7.). If you find it, read on; this is for you.

Each WordPress version has its known vulnerabilities. It’s good practice to hide as much unneeded information as possible from the outside world. If you show your WordPress version, bad dogs may try to hack your blog using that version’s loopholes.

Here are 2 simple ways to hide your version number:

  • The No version plugin is a simple plugin that replaces the version number with blanks, so anyone viewing the page source of your site from the browser will not be able to see your WordPress version.
  • This is a simple hack: Just open your functions.php and paste the following code somewhere there.

remove_action('wp_head', 'wp_generator');
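The two manual checks from tips 6 and 7 can be scripted against your own blog's responses. The following Python is an added example, not from the original post; the function names and the sample HTML are constructed for illustration.

```python
import re
from html.parser import HTMLParser

class GeneratorFinder(HTMLParser):
    """Collects the content of every <meta name="generator"> tag."""
    def __init__(self):
        super().__init__()
        self.generators = []

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): (v or "") for k, v in attrs}
        if tag == "meta" and attrs.get("name", "").lower() == "generator":
            self.generators.append(attrs.get("content", ""))

def exposed_wp_version(page_html):
    """Tip 7: return the WordPress version shown in the page source, or None."""
    finder = GeneratorFinder()
    finder.feed(page_html)
    for content in finder.generators:
        match = re.match(r"\s*WordPress\s+([0-9][0-9.]*)", content, re.I)
        if match:
            return match.group(1)
    return None

def listed_plugins(status, body):
    """Tip 6: return plugin folder names shown by a directory listing, else []."""
    if status != 200 or not re.search(r"<title>\s*Index of\s+/", body, re.I):
        return []
    # Keep only sub-directory links; skip the parent link and sort links (?C=...).
    return sorted(set(re.findall(r'href="([^"/?]+)/"', body)))

# Constructed sample responses (not captured from a real site).
PAGE_BEFORE = '<html><head><meta name="generator" content="WordPress 2.7.1" /></head></html>'
PAGE_AFTER = '<html><head><title>My Blog</title></head></html>'
LISTING_ON = """<html><head><title>Index of /wp-content/plugins</title></head><body>
<a href="?C=N;O=D">Name</a> <a href="/wp-content/">Parent Directory</a>
<a href="akismet/">akismet/</a> <a href="login-lockdown/">login-lockdown/</a>
<a href="hello.php">hello.php</a></body></html>"""
LISTING_OFF = "<html><head><title>403 Forbidden</title></head></html>"

if __name__ == "__main__":
    print("version before:", exposed_wp_version(PAGE_BEFORE))
    print("version after: ", exposed_wp_version(PAGE_AFTER))
    print("plugins listed:", listed_plugins(200, LISTING_ON))
    print("after hiding:  ", listed_plugins(403, LISTING_OFF))
```

On Apache, the usual .htaccess setting that turns off such listings is `Options -Indexes`.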

# 8 Do Regular Scan

Scan your WordPress installation for security vulnerabilities. WP Security Scan is a simple plugin which will scan your complete WordPress installation and suggest corrective actions to safeguard it.

# 9 Protect Comments from Spam attack

Smart spam bots will try to comment on your blog with unsolicited links to other resources, which may contain iframes or malware. Using a simple plugin like Block-Spam-By-Math will do the task for you.

# 10 Auto Backup Always

Backup, backup, backup, always. It’s very important to have backups daily or at least weekly. Either take them manually or use a simple plugin called WP Database Backup, which will do automatic backups as per your settings. It will send a DB backup zip file to your email daily, weekly or monthly as per your settings.

Hope you found it useful in securing your beloved blog. Is your blog secure now? Share with us! Happy Blogging!!
