Hardening WordPress Security

WordPress is an open source software and sometimes hackers may use security exploits to compromise your site. Therefore, we’ve created a few video tutorials to help you strengthening your WordPress security.

BulletProof Security Plugin

The first video is about BulletProof Security plugin configuration. This plugin is extremely important for protecting your website from brute force attack!

In particular, we also demonstrated how to whitelist IP address(es) so that only the people using the registered IP address(es) can access to the admin dashboard of your WordPress website. This can greatly reduce the chances of having brute force attacks. To do so, you will need to insert some simple codes (found from WordPress Codex page). Below is the code you need:

<Files wp-login.php>
# Block access to wp-admin.
order deny,allow
deny from all
# Add IP to Whitelist
allow from 111.222.333.444

Please note that 111.222.333.444 represents your IP address. You will need to replace this with your own IP address when you customize your BulletProof settings.

After watching the first video, you will know where to put the above code and how to whitelist IP address for accessing to your admin panel.

Sucuri Security SiteCheck Malware Scanner

The second video tutorial is about Sucuri Security plugin.

Sucuri Security SiteCheck Malware Scanner checks your WordPress site for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc.

Captcha Plugin

The third video tutorial is about captcha plugin

This plugin significantly reduce the chances of spammers attacking your website by asking a math question when submitting a request to your website (e.g. visitors are asked “what’s the answer for 2+3” when leaving comment). The plugin can work on comment section as well as the login page.

Posted in: Plugins, Security, Video Tutorials