Skip to main content

Wordpress Security, a small introductory checklist

About Wordpress Security

Wordpress security is nowadays a very big thing over the web, mainly because wordpress now accounts for at least 24% of all the websites built globally. These websites are part of what is called self-hosted wordpress. This refers to the branch of wordpress which you download and build your own website and then host on your own hosting space. You can get this branch of wordpress onto and is normally called "Self Hosted Wordpress" around the web and within the rounds of wordpress developers.
There is another branch of wordpress which is hosted on wordpress's own cloud servers you can find at in which you will need to have an account and register your own blog/site. The main difference here is that with Self Hosted Wordpress, you can customize the site as you please, install your own premium theme, install plugins, chance and edit the css code, develop your own plugins and even themes and tinker with security and settings. This set of customizations and features is limited or not available at all in Some functionality becomes available on only via a paid premium plan ( edit the code e.t.c. ). 
So what you can do about wordpress security if you have a self-hosted wordpress installation? Here is a small simple list of what you can at least pay attention to, in order to minimize the possibility of your wordpress website being hacked : 

A small checklist on wordpress security

  1. make sure your web host is good and of high quality and has something to say or show for about wordpress security
  2. disable and delete all plugins which are not being used or are of no real use to your site, the more plugins you have installed the higher the possibility of one of them being utilized to allow access to your site to someone that should not have it
  3. use strong passwords for your user accounts, forget about using passwords which are easy to remember and follow the guidelines for strong passwords, wordpress now does this by itself but if you are to set your own password, make sure its really strong
  4. do not use an "admin" username on your site, avoid such usernames of standard format thus similarly avoid "user", "admin", "administrator", "manager" and even avoid your first name, use something more difficult to guess
  5. make sure your file permissions are set to 644 and folders to 755 on your wordpress installation, this is something you can tweak and check via the file manager tool in your web hosting's management panel, commonly known as cPanel or Plesk ( the two most popular web hosting management panels available ).
  6. always keep your wordpress website, plugins and themes updated to their latest versions, do not leave your site un-updated for long, updates come to fix problems, patch security "holes" and also strengthen the security of each implementation.
  7. do not give your passwords away to people who should not know about them
  8. check out some security plugins online for wordpress, download and configure them on your site, enabled features like firewalls or login attempt monitors e.t.c.
  9. do not install and use plugins from unknown developers or nulled ( cracked ) plugins you download from the internet, do not trust developers outside the wordpress marketplace or premium marketplaces of wordpress plugins around the web

If your site is hacked

There will come a time when your site ultimately will get hacked, either because you missed something when securing your site or because something else went wrong ( i.e. one of your plugins got hacked in general or hackers found out how to leverage a vulnerability of wordpress to gain access ) or even because you have been a target of a hack for a purpose. 
If that happens, you will need to do two things, most of the times : 
  1. contact your web host and ask them to restore the site to an earlier backup so you can pinpoint and then fix the problems which allowed the hack to happen
  2. make sure you investigate the reason why your site got hacked and secure your site so it does not happen again, its important to understand that restoring the site from a backup, will still "contain" the reason why your site got hacked in the first place.


Popular posts from this blog

Enable AMD's Radeon Chill feature for all games.

Since 2014 AMD has been following the tradition of releasing new performance and usability features in their December driver, and 2016 was no exception. Among the myriad of new features and enhancements, was also one that passed almost unnoticed, called Radeon Chill.

Stemming from AMD's acquisition of HiAlgo earlier in 2016, it offers the possibility of huge power and thermal savings while gaming, by monitoring screen movement and adjusting the frame rate accordingly. There is even the claim that it could also reduce response times since the GPU is not occupied with rendering as often.

Its only issue: it's not global, and it's based on a white list of applications to function. But fear not, for we are here. Using a trick as old as operating systems themselves, you can try to make it work with every title. Let's see how to do that.
Step One: Activate Radeon Chill. Doing that is fairly easy. Right click on your desktop and select "Radeon Settings":

Then naviga…

Your first post in your Facebook Page, some simple tips

Many new pages are created on Facebook every day by brands that need to use the network for wither exposure or marketing or both. There are many small businesses that want to use Facebook and need to know about some initial tips to get started with their facebook page.

Facebook page management is no rocket science, but it can lead your brand to either a successful presence or nothing at all, if you don't pay attention to some details. You have to start with the basics. Your every-day process with your page is your posts, information you share on your page and your fans will see. First take a note that not all of your fans will see your post. Let's say you have 1000 fans, only about 10-15% of your fans are expected to actually see that post. What's important here is to make your post appealing so whoever sees it, will be able to engage with it, thus either comment, share or like it.

Take a look at our video for those tips :

Every time a Facebook user likes, share or commen…

Resident Evil 7 no stutter guide for 30 and 60 fps systems

The release of the last Resident Evil game has had us go from indifferent, to cautiously optimistic, to infatuated with one of the best releases in the series; a game on par with the couple of initial classics and the fourth instalment. Capcom decided to drop the third person over-the-shoulder perspective for this one and go with the first person camera, refreshing the whole series in the process. Make no mistake, this is one of the greats, and you owe it to yourself to at least try it out even if you aren't into horror games at all. Unlike other publishers, Capcom has been kind enough to provide a demo of the first hour of the game in Steam. Go ahead and try it.

The game itself is quite well optimized, as it is one of the initial PlayStation VR titles released and that means it has to adhere to specific latency requirements. The good news for PC gamers (sorry, no PC VR yet) is a 60fps target where most older GPUs and systems can have a proper experience. Unfortunately, the game …