12 Tips on how to secure my WordPress website

how to secure my WordPress website

12 Tips on how to secure my WordPress website

Hello Bloggers, is your WordPress Website Secure? If you have also made your website in WordPress. So, your website should be secure from every moment of Cyber ​​Attacks. In this article today, we are going to tell you the easiest 12 Tips on how to secure my WordPress website Security Tips, you can secure your WordPress website very much absolutely free.

Actually, the most website in the world is built on WordPress CMS and the core configuration of all these websites is the same In such a situation, most Cyber ​​Attacks around the world are also on Websites made in WordPress.

Why Website Security is Important

Let me tell you that in today’s time, the security of that business website is very important for an Online Healthy Business. Your WordPress Website Security has a direct impact on your Business.

According to Sucuri this website, about 90% of websites in Infected Website by Hackers are made on WordPress CMS Platform every year Sucuri is an absolutely Free WordPress Security Plugin.

Sneakytech compressed 1

And the thing to note is that this data is increasing every year. So you can understand how important it is to secure a WordPress website.

If your WordPress website, unfortunately, gets hacked. So the important data of your website can be stolen. Hackers can steal the personal information of customers and users from your website and use it incorrectly.

3 compressed 1

Not only this, Reputation in the market of your domain name or your business brand is completely destroyed by having a WordPress Website Hack. Nobody will like to visit your website. Your revenue will also stop coming in gradually.

It is a matter of a hundred things that it is very difficult to run and grow a business by running an online website without securing the WordPress website.

Is Your WordPress Website Secure


You will be surprised to know that according to the famous website internetlivestats.com, more than 100,000 websites are hacked every day around the world. This is why it is important that your WordPress website is safe from hackers around the world and for this, you need to keep an eye on every aspect of WordPress Security.

12 Easy Ways on how to secure my WordPress site

12 Tips on how to secure my WordPress website

  1. Buy Hosting from Good Hosting Provider
  2. Change Username of Admin user
  3. Use two-factor authentication
  4. Use strong and strong passwords
  5. Do not have Multi Administrator(Admin)
  6. Change the Login Page URL of the website
  7. Remove Unwanted Plugin
  8. Block the suspect (suspicious IPs)
  9. Update your WP, Themes and Plugins
  10. Limit Login Attempts in Website
  11. Secure the WordPress Database
  12. Disable File Editing from Admin Dashboard

1.Buy Hosting from Good Hosting Provider

Best Wordpress Hosting Provider compressed 1

To create any website, you first have to buy Hosting. If you want to make your WordPress website secure. So it is important that you buy only after seeing the hosting at all and after talking to the Hosting Provider properly.

You purchase Hosting from a Hosting Provider who uses multiple Security Layers like – Packer Filter, Firewall, Proxy Server, etc. to protect the WordPress Website.

2.Change Username of Admin user

how to secure my WordPress website

On installing a WordPress website, the Admin user of the website remains the Username By default Admin. That is why most hackers are successful in hacking websites using Admin Username.

Let me tell you, in today’s time Hackers use Bots for Hacking. In these Bots, admin is set instead of Username And with the help of Hackers these Bots, in a few seconds, on the WordPress Login Page, Automatically Millions of Times are hit with different passwords.

This is why WordPress Security is required. First of all, change the Username of the Admin user and keep something else while you install the WordPress Website.

3.Use two-factor authentication

Screenshot 302 compressed 3

Today, two-factor authentication is used a lot to secure any online account. Even Google recommends a two-factor authentication service to protect Gmail account.

Actually, two-factor authentication is a 2 step process to log in to any online account. The first step is to log in with your Username and Password.

And soon after the second step, an OTP (One Time Password) is sent to your Registered Mobile Number or Email for Login Verification.

4.Use strong and strong passwords

Actually, most people think of running their work with a very simple password. So keep in mind that a password is very important not only for your website but for the security of all Online Platforms.

That is why for WordPress Security you have to make sure that you are using a strong and difficult password for your WordPress website login.

You can create a difficult password by mixing the rules below

  • Have at least 8 and more characters
  • Combine both uppercase and lowercase letters
  • Also, be a mixture of letters and numbers
  • Inclusion of at least one special character, eg:%., [@ #?)
  • If you create a password by mixing all these letters, then it will look something like this –

[email protected],

[email protected]#125c


Apart from this, you can do Online Strong Password Generate For this, do a search by typing Generate

Strong Password in your Google Browser.

5.Do not have Multi Administrator (Admin)

They work in partnership on their website. So don’t make him administrator, if he prepares the post, only make “editor” from it. Maybe he can delete or cheat you from users.

If you have complete trust in your partner. So you can make an administrator. Make the best way “editor”. And secondly, if you run a website alone, then keep only one admin.

6.Change the Login Page URL of the website

Usually, after installing a WordPress website, the URL of the website’s Login Page finally ends with admin, login, wp-login.php, or wp-admin. And most people log in to their website with this default URL.

Let me tell you that hackers use these default URLs to hack websites. So if you want your WordPress website to be a Step and Secure, then you can quickly change your Default Login Page URL and make something different.

You can use the WPS Hide Login Plugin to change the WordPress login page URL.

7.Remove Unwanted Plugin

Many new users install redundant plugins. Which is harmful for the blog. Let’s install the Unwanted Plugin. This increases the chance of being WP hacked. Because it is not a Trusted plugin.

Before downloading and installing any plugin, the plugin version, Activity, Active Installs, Rating should be checked. Meaning what is the version of the plugin? How many people have activity? How many people have installed this plugin? What is his rating? All this should be checked and installed the plugin.

Secondly, do not use more and more plugins. Loading the blog also slows down by installing more plugins. And the chances of getting hacked also increase. So delete the extra plugin.

8.Block the suspect (suspicious IPs)

If you are using a WordPress Security Plugin on your website. So usually by sending an Email Notification, these plugins inform you about such IPs which repeatedly try to log in with the Wrong Username and Password on your website.

So you can block such Suspicious IPs as soon as possible. Similarly, if these IPs are Belong to a country whose traffic is not of any use to you, that means you do not provide your services in those countries.

So you can block such IPs geographically by making a policy or rules in the firewall. After that, there will be no-hit of any kind on your website from that country or region.

Read More- 10 Best Free keyword searching tools in 2021

Read More-What is Web Hosting Service | Types of Web Hosting

9.Update your WP, Themes and Plugins

The version of WordPress, Themes, and Plugins of your website for WordPress Security should be updated. Hackers often target websites whose WordPress, PHP, etc. software are not updated.

Whenever a new version of WordPress Software is released, you see the Notification in your WordPress Website Admin Dashboard. You can update Directly WordPress Software from Admin Dashboard. Also, you can update PHP Version from cPanel.

But keep in mind that before updating Software like WordPress, PHP, etc. you have taken a complete backup of your website.

10.Limit Login Attempts in Website

It is necessary for WordPress Security to first stop such Auto Bots who are constantly trying to log in to your WordPress website with the wrong Username and Password.

You can limit Login Attempts using the Limit Login Attempts Plugin on your website. These Auto Bots can be stopped by setting 3, 5, or 10 Login Attempts on the website.

Apart from this, WordPress provides an option to use a required Plugin Loginizer at the time of website installation Loginizer Plugin also limits the Login Attempts of your WordPress Website and protects the website from Brute-force Attacks.

11.Secure the WordPress Database

You must also take special care of your WordPress website database and its security. After all, the entire content of your website remains saved in the database. That’s why you remove the Default Name of Database Table Prefix and put some new name at the time of WordPress Installation.

12.Disable File Editing from Admin Dashboard

After installing WordPress, you can edit the main files of your website in which the code of themes and plugins of your website is written by going to Appearance in the Admin Dashboard and then going to the Theme Editor option.

Screenshot 320

Let me tell you all these files

Your WordPress Website has Core Files And if you edit incorrectly by mistake, your website can be Crash

If ever a Hacker is able to login to the Admin Page of your website So it can wrongly edit these important Core Files of your WordPress Website from Admin Dashboard.

And it may delete these files. If this happens then your website can be completely destroyed.

That is why it is better for WordPress Security that you disable File Editing Option from the Admin Dashboard of your website.

Follow the steps below for File Editing Disable.

1. Login to your cPanel first.

2. Now go to File Manager and then go to the Root Directory of your website.

Search the wp-config.php file in the Root Directory and press Right Button and click in Edit Option.

3. Now save the file by adding the below given code to this file.

define (‘DISALLOW_FILE_EDIT’, true);’

4.If this code is already present in the file then set it to True.

If you want more information about Best Free keyword searching tools in detail, GO and Checkout  CodeinWP link provided below:25 Simple WordPress Security Tricks to Keep Your Website Safe in 2021


In today’s post, we have learned and understood about 12 Tips on how to secure my WordPress website.

Hopefully, you have learned a lot about WordPress Security Tips from this article today. If you have any kind of question or suggestion related to this post, then do let us know by commenting in the comment section.

In which I have tried to tell almost everything. If you have any other questions, then you can comment on us. You can also ask me.

If you have any suggestions, then please tell us, I will definitely share them on my site. So that more people can talk to you. If there is any question related to this post, then a comment is definitely asked.

Leave a Comment