This is a contribution by Ahmad Awais. I’ve seen many website owners nagging about the security of WordPress. The opinion is that an open source script is vulnerable to all sorts of attacks. But that is mostly not true – sometimes it’s the other way around. Or, okay, let’s say that it’s partially true, but even then you shouldn’t blame WordPress. Why? Because it’s usually your fault that your site got hacked. There are some responsibilities that you have to take care of as a website owner. So the key question is always, what are *you* doing to save your site from being hacked? Today, I plan to discuss quite a few simple tricks that can help you secure your WordPress website: Part (a): Secure the login page and prevent brute force attacks Everyone knows the standard WordPress login page URL. The backend of the website is accessed from there, and that is the reason why people try to brute force their way in. Just add /wp-login.php or /wp-admin/ at the end of your domain name and there you go. What I recommend is to customize the login page URL and even the page’s interaction. That’s the first thing I do when I start securing my website.
Share This