In this post, I will talk about tips and plugins to keep your WordPress website safe from hackers.

Here are some few tips:

1. Change the password

Quite often, website breaches are due to easily guessed password. Make sure your username and password is strong and cannot be easily guessed. Also, I will recommend that when you start creating websites for clients or commercial use, do not use "admin" as your username, since it is common and can be easily guessed. Choose a username that is unique.

Change the current password

Go to Dashboard. Towards the top right-hand corner, hover your mouse over admin, click on the Edit My Profile link.



 It will take you to the admin's profile page. Scroll down to New Password, click the Generate Password button.



Copy the generated password and keep in a safe and secure place.

Click the Update Profile button.


2. Always update WordPress
From time to time, there will be important security releases as well as major releases. When there is a new release of WordPress, you will be
notified. The change log will list vulnerabilities that have been fixed. If you don't update your WordPress website you stand the risk of being hacked. When you update your WordPress, do it through your dashboard or if you want to do it manually, do not download the update from another website other than WordPress.org


3. Download themes and plugins from reputable sources
Don't install themes or plugins from questionable sources. You should only install themes and plugins from reputable authors and official sources.
Before you install anything, verify if the author is reputable and go through the reviews, comments, feedbacks and downloads of the theme or plugin.


4. Install Security plugins
Install security plugins like ithemes security, wordfence or bulletproof security. These plugins will help you configure various settings to ensure your site
is properly protected. It will help you disable directory browsing, change the URL of the admin login area, preventing brute force attacks and
much more.

5. Backup your website
I would recommend that you backup your website once a week. When you have a backup, if anything happens to your website such as hackers attacking it or
a malicious software wipes away the entire website, you will have back-up which you can install again. Don't just backup the content of your website.
You should create a full website backup at regular intervals. Plugins such as Backup WordPress or BackWPup will be able to do this.

What Is Next?

Step by Step

This tutorial is part of a series that walks you through creating your first website or blog using WordPress.

Next Step - 22. Deploying your WordPress website to your web host

Previous Step - 20. Create the footer section

Start from the beginning - Create your first website or blog using WordPress