How To Protect Your WordPress Blog against Hackers – Part II

January 4th in Wordpress Hacks by .

Earlier this month, I talked about how you can protect your WordPress site against hackers. As someone who has been a victim of hackers for so many times, I can tell you that you’d be doing yourself a favor if you keep a constant eye on your WordPress installation.

Stand-alone Drag & Drop page builder 🤜 for any WordPress theme

While protecting yourself by hiding plug-in and version info on your WordPress blog is the way to go, you should also do your utmost to protect your wp-admin folder. That’s where all the action happens. One way to protect your admin section is by limiting who can access your files there. Matt Cutts has an ageless piece on this.

But I would go one step beyond what Matt is suggesting in his document and deny access to wp-login file as well. That would allow you to protect your blog against Brute Force attacks. Here is how:

{Files wp-login.php}
order allow,deny
deny from all
allow from [your ip]

Replace { with < in the above, and put your IP in there, and you are ready to go. Keep in mind that this will make it very inconvenient for anyone to play with your log-in file (including you). But I rather be safe than sorry.

You may also be interested in:
*some of our articles and lists might include aff links to fund our operations. Please read our disclaimer on how we fund Exxponent.

Follow WP Solver on Pinterest

Previous post:

Next post: