2. 2013
• It was terrible year for WordPress users.
Thousands websites were defaced, hacked, or
taken down.
• The Reason: Bad WordPress Security
3. Five Major Steps You Need To Take
You can make your website as secure as fortress if
you take the following five security measures:
• Safeguarding the Login page
• Guarding the Admin page
• Protecting the Theme
• Tackling the Plugin related shortfalls
• Protecting the Data
4. Safeguarding the Login
• Disallow failed attempts by limiting login
attempts
• Implement two-factor authentication
• Rename WordPress login path
• Make an exclusive strong password for
WordPress
5. Guarding the Admin page
• Activate SSL for the WordPress Admin section
• Keep your WordPress updated to the latest
version
• Create separate “editor” accounts for publishing
materials
• Never use “admin” as login name
• Get a detailed security analysis done
• Install security plugins like Sucuri
6. Protecting the Theme
• Use themes hosted by WordPress (preferably)
• Keep your theme updated (always)
• Remove WordPress login and version from the
theme (if any)
• Delete unused WordPress themes (if any)
7. Tackling the Plugin related shortfalls
• Use plugins hosted only on WordPress
• Update your plugins whenever available
• Use recently-made alternative if a plugin has not
been updated for more than 12 months
• Delete unused plugins
8. Protecting the Data
• Host on a secure infrastructure
• Set a backup schedule, preferably on weekly
basis
• Access your site only with SFTP (Secure FTP)
• Set all files to file permission 644 and all folders
to 755
• Keep offsite backups
9. Use Cloudways
Get the best Managed WordPress Cloud Hosting
for a secure and convenient experience
LEARN MORE
Presented by:
Follow us on:
Visit our website:
www.cloudways.com
Read our blog:
www.cloudways.com/blog