Connect with us

How to harden the security of wp-admin – WordPress admin giude

solution

How to harden the security of wp-admin – WordPress admin giude

Your WordPress admin account is a glowing target for crackers.  One suggested way to improve WordPress admin security is NOT to use admin as your admin username.

If you are currently using admin as username, don’t worry.  You can still change it.

  1. create a new hard-to-guess username
  2. Change it to admin
  3. Demote admin username to user or subscriber. Don’t delete it, use it a decoy.
Other things to consider
  • Never use the admin account to post news or blogs – create an editor account instead
  • Use .htaccess to protect wp-admin directory.
  • Use Profile Builder for user profile editing

Protect wp-admin directory

You may want to use .htaccess to protect wp-admin directory. Let’s assume your staticIP is 192.168.100.1

Your .htaccess should look like this:

AuthName “protected”
AuthType Basic
<Limit GET POST>
order deny,allow
deny from all
allow from 192.168.100.1
</Limit>

If your IP is dynamic, You may use 192.168.100.  to cover possible IP changes.  If you find yourself locked out due to IP change, find your new IP, and change the old or add the new IP into .htaccess file.

Profile Builder for user profile editing

Use Profile Builder for your user profile editing, in addition for user login and registration.

wp-admin should be only accessible to admin, not to regular users! Regular users should not have any remote connection with wp-admin.  This is one of serious security  oversights of  WordPress.

READ  WordPress – Get a better understanding about the WordPress software
Continue Reading
You may also like...

We are a WordPress plugin developer company that focuses on useful WordPress plugin creation and empowering people to earn passive incomes from their blogs. We build unique and groundbreaking plugins that will revolutionize your blog!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in solution

    Sign up for our newsletter and get a free affiliate e-book!


    About Me:

    Teodor Coste

    Hi, my name is Szabi and I'm documenting my journey selling plugins on CodeCanyon. I will show you every step of it: learning to code, plugin ideas, WordPress stuff and more. Read more…

    Mega Plugin Bundle:

    CodeCanyon Portfolio:

    Learn to Code Plugins:

    Latest Promotions:

    Recommended Theme:

    Start Your Own Blog:

    Recommended VPN:

    Translate Your Blog:

    AdSense Alternative:

    Best Article Spinner:

    Popular Posts:

    Latest Posts:

    To Top

    Privacy Preference Center

        Necessary

        Advertising

        Analytics

        Other