Security of the website should be the main concern of any bloggers and webmasters, especially self hosted WordPress blogs. This kind of web blog is more defenseless than any kind of third party hosted services such as blogger.

Besides, as one of the most frequently used CMSs, it often becomes the major target for any website hacking attack. The higher traffic gained by your WordPress blog, the higher risk your blog for being attacked. So how to increase the security of WordPress web blog?

Various different methods could be applied to make your WordPress web blog more secure. Some of those various methods are quite simple but really effective in increasing the security level. Some of those simple methods are presented in the following steps:

Step 1 – Do Backup

Yes, all bloggers and webmasters know the importance of backing up their installation. The thing is that only some of them perform the backup regularly. What about the rest?

Unfortunately, large number of webmasters and bloggers make the backup of or their installation really rarely. Indeed, WordPress comes with export function for the posts of the blog themselves. However, making your own backup into your WordPress folder is also important. Only relying on hosting company to backup your site is really not enough.

Useful backup plugins: DBC Backup, WP-DBManager, WP-DB-Backup

Step 2 – Check for Update

Check for UpdateSince WordPress is regularly updated, some of its security system might be regularly improved, too. For this reason, you need to keep your version up to date to get more advanced functions for the security system.

Staying update is quite easy. Have a look at your Admin Dashboard then you could check on the latest update. Usually, you will receive a message encouraging for update when your current version is not the latest.

Step 3 – Do Not Keep the default Admin Username

Keeping the admin name as “admin” gives great chance to the hackers to attack your site.

You could choose one among two options to do something about this problem.

  • First, you could delete or change the admin name.
  • Second, you could simply create new user for admin and demote the account of “admin” to the subscriber only. This way, hacker will think that the admin account does exist and they could not make any change to your blog.

Learn more about this tip: Changing Your Username In WordPress

Step 4 – Secure the Password

The basic thing to keep in mind to secure your WordPress web blog is never use birthday date or name as your password (You can try to use the online password generator). Hackers could easily crack this kind of password. Instead, you should use a blend of small letters, capital letters, punctuation, and also numbers. Ensure to make a really unique and difficult one.

Step 5 – Using WordPress Security Plugins

You could find various different selections for WordPress security plugin, such as WP Exploit Scanner as well as WP Security Scan. Installing those plugins will be really useful to secure your WordPress web blog. WordPress 3.1 and beyond comes with Lockdown plugin in its default.

If your budget allows, don’t forget to checkout the security plugin from WordPress developer.

Those are not the only tips you could apply. You could also find many other methods, but never take those five tips aside. Despite its simple and trivial sounds, those 5 tips work really great to secure your WordPress web blog.

You Might Also Like:
How to change WordPress post editor font WordPress version 3.2 comes with so many great features, especially, the new design for admin area, I love it! However, I don't like the way WordPress...
6 Popular Social Media Inspired WordPress Themes If you are searching for any new theme for your blog or want to try something new then you must surely check out my collections of themes which is tot...
List of 10 Little Known but Handy Plugins for Developers WordPress is the most impressive content management system that comes with hundreds and thousands of plugins that offers all sorts of customizations f...
Premium WordPress Themes Given Away By 1Theme I'm happy to announce the Giveaway offered by the awesome folks over at My loyal readers are lucky to have an opportunity to participate a...
10 Most Common WordPress Mistakes to Avoid WordPress is a website builder which is popular with many web developers all over the world. Thousands of websites and blogs have been created using t...

14 thoughts on “5 Simple Steps to Secure Your WordPress Web Blog”

  1. Great tips to secure wordpress blog.Don’t you think uses of many plugins on the WP Blog slows down the Security of WP blog?We should only use the Recommended plugin in our WP blog instead of installing plugin for Everything.What’s say?

    1. Yes, installing too many WordPress plugins, especially plugin that you don’t know much about, will make your website not only runs slowly, but also, faced with many security problems (no programmer can know all issues of his product).

      That’s why we need to keep only necessary plugins.

  2. The tips were pretty straightforward to me. You can always hmmm you know, find out on your own how to do the things you don’t know how to do them/

    Furthermore, the level at the top of the article says intermediate. Again, I don’t consider myself an expert, but they were pretty straightforward tips to me.

  3. WordPress is a fantastic tool for both blogging and building a website. In your article you mentioned updating. When you update a plugin or wordpress itself are there any concerns with the updating effecting these negatively? I’ve heard some nightmare stories about updating. Any info would be helpful.



  4. Hi Jenni,

    First of all thanks for writing the tips as I am not a “technology” person I don’t know alot about wordpress, lately I have been hearing that there are alot of wordpress sites that are getting hacked so I am very concerned about my site, I am not sure if its wordpress it self or it is the plugins that we use.

    Is there a way to know if the plugins we use are secured? I know wordpress releases updates each time there is a new release but what I am worried about are the plugins.


    1. It’s not easy to know if the plugin is secured or not when you’re not a “technology” person. So, in my point of view, let only use the plugin which was well-known in the community, you can Google for it.

  5. Hi Jenni,

    Your share such a nice article. I’d like to know that while installing these plugins could effect on Bandwidth? I mean it slowdown the process or page load time.


    1. Uhm, the answer is YES. However, it depends, maybe your visitors don’t know about the slowdown.

  6. Indeed, we need to make sure that our blogs are protected. Thank you for sharing us these tips, very simple yet effective. I will apply these tips to secure my blog. Thank you, I truly appreciate this post.

  7. Hey Jenni,

    Firstly I would like to thank you for this great post of yours. Ofcourse we need to protect our blogs and this post is very helpful though. Thank you for the tips .

  8. Also be sure to keep your computer updated. Also choose a modern web browser. There is the browse happy project from WordPress. It shows the current versions of popular web browsers.

  9. Great post with practical tips.

    One of my sites was hacked last year and it was no fun!
    You say that backing up to your own WP folder is important – I would say that an off site back up is even more important!

    I use the ‘backWPup’ plugin and use amazon s3 – Its a very easy way to set and forget backups.


Leave a Comment

Your email address will not be published. Required fields are marked *