1. Keep WordPress core and Plugins Update





2. Recommend Strong passwords.

3. Backup's for Secure

Another thing I like to tell is that always download Plugins and Themes from well-known, trusted, and established sources.





4. Change the default admin username





Now this another factor of security where you should give attention. Many times developers and site admin leaves the username of the site to default i.e. "admin". This makes the atackers work more easy as he/she can perform brute-force attack on the admin panel of the site with the default username.

Now WordPress gives preference to a users to change the username of the site during installation process. You can change the username at there or you can also do it by editing the wp_users table in your MySQL database. [ Note If you know about MySQL database then only go with the option. ] Another way you can do it by the Admin renamer extended plugin, which you can easily get it.





5. Disable directory browsing

Enabling directory browsing in your site is comparable to keeping your door always open for the hackers. With the directory browsing attackers can gather lots of internal information about your site. Directory listing occurs when the web server does not find an index file (i.e. an index.php or index.html) – and, if directory listing is turned on, the server will display an HTML page listing its contents. It is simple to disable directory browsing is to upload a blank index.html or index.php file in each directory and sub directory except the root.





Final Words

Above discussed tips and recommends are of basic, and these can be opt by a simple users who don't have much technical knowledge. There are more security measures to boost the security of your WordPress site as like using some useful security Pluigins, Disable Custom HTML, security audit of the site, enable SSL (HTTPs) on the site, Hiding indexes using .htaccess file, and so on.





If you have more WordPress security tips to share and Do let us know. You can contact us or share the tips right on the comment below.

WordPress which is one of the popular Content Management System is getting targeted by the cyber hackers in a wide range. Security of the website is always a question for the developer and site admin.From last year, cyber attacks on WordPress has been increased and that too also because of vulnerable Plugins. Hope you all know about the WordPress Plugins, as it gives extra customization and features to the WordPress sites.Here are some basic recommendation on how to improve your WordPress site's security, and tighten the security level.As I have already mentioned that WordPress Site gets hacked mostly by Vulnerable plugins and themes, so first recommend from my side is to. There are many Plugins which are still vulnerable to different attacks attackers can easily find the exploitation of the vulnerability on google.More over many times security researcher discoverers vulnerability on WordPress core, which acts as a Zero-Day for a while, but WordPress team tries to release the patch as soon as possible. So It is always recommends toIt is always recommend to all internet user to have the strong and complex password for there accounts. Always choose complex and long passwords for the authentication. If your site have multiple users then force them to register with the strong password. As a site admin, you can install WP Password Policy Manager or Force Strong Passwords to make users setup accounts with stronger passwords, even if they like it or not.Taking Strong and complex password makes the attackers works quite hard to crack it.Having the site automatically backup itself at regular time intervals allows you to go back in time before any "malfunction" or point of attack. For this there are many Plugins available for this task, and for this you can simply search for it from the plugins panel.