WordPress currently is one of the most popularly used online tool for blogs and sites among people across the globe for personal or business purpose, but still is considered to be a security vulnerable platform. But with some understanding and research, it is possible to know the latest 2016 WP security tips that can be used for keeping the blog to be secure and safe from those dangerous and harmful hackers, who otherwise, might strike at any point of time.
For any site or blog, security strategy is an absolute must. Since WP is used as the most popular type of open source blogging software, it has become a primary target for many of the malicious attacks that take place. Fortunately, there does exist several protective plug-ins, techniques and functions, which when carefully and properly used, can save the site from being hacked. Using the tools can definitely defend the site from various types of vicious activities, spam, hacks and other threats.
Essential WP security tips to know
• Hiding WP version number: In case, the person is not being in a position to have upgradation of the WP done for any reason, then the hackers are not to be allowed to know the current version. Since bugs of the previous releases are already known to everyone through wordpress.org, attacking the site can become an easy task. The version number can be hidden by using the below mentioned instructions:
* If a new theme is being used, simply add following into functions.php file of the theme.
* “Php bloginfo (‘ver’); ?> /> is to be removed from the theme’s header.php file, if an older theme is being used.
• Constant upgradation: The WP version is to be upgraded constantly along with plug-in and theme. Using the latest version can help fix any type of security bug that may have crept into the previous version. Hence, upgradation is a wise move taken to secure the site.
• Securing administrator account: Default WP installation before WP version 3.0 is known to have come with administration account ‘admin’ to be its user name. Since it is already known by hackers, they are sure to try this always. Therefore, the administrator account username should not be kept something that is easily guessable such as ‘yourname’, ‘yoursitename’ or ‘admin’. If already have one or has installed WP version which is much older than 3.0, then it needs to be changed.
• Disabling directory browsing: Trying to enable directory browsing in the site can be comparable to that of keeping the door open always to allow the thief to get inside and to steal things. It is important for the door of the house to be closed. A simple trick that can be done for disabling the directory browsing would be to have blank index.php or index.html file in every directory as well as sub-directory, but without the root.
The above are few of the security tips that one can undertake to ensure that the WP website is made a safe place for everyone.