WordPress is the most popular blogging platform these days. WordPress not only using for blogging. It can use to build a nice website/e-commerce shop too.

WordPress is a great platform to develop your next website. But please consider these security tips before starting the project.

Choose a great host

Ideally, you should seek out managed WordPress hosting from a company that clearly states what they do to make your safety and security a priority. Look for features like:

  • Attack monitoring and prevention
  • Proactive reviews and patches of security threats like core WordPress bugs, plugin exploits, and so on
  • Up-to-date server software (using the most recent versions of PHP, etc.)
  • Ability to isolate and prevent the spreading of infections so that a hacked site or virus cannot move to other sites on the same shared server

Create strong passwords


For passwords, it’s important to choose a complex password comprised of letters, numbers and characters. Try to avoid common usernames such as administrator, your website’s name or your name. If you have already created your administrator account with ‘admin’ username you can use a WordPress plugin such as Username Changer to change your username to something more secure. You can also create a new user with admin rights and remove the old ‘admin’ username.

Enable two-factor authentication (2FA) on all your accounts

Two-factor authentication requires a user to login with not just their username and password, but also a unique code that’s generated for one-time-use and sent to a device via SMS or an iOS/Android app. Try Google Authenticator — it’s free, and it’s available for both iOS and Android devices. Logins can be added in seconds with barcodes and codes accessed with just one simple click.

Google Authenticator

Delete unwanted plugins

Keep in mind. The fewer plugins you have, the fewer chances you give hackers to access your info. Its not just about security, either. It’s about site speed and performance too. Loading your with too many plugins can slow it down dramatically.

Keep WordPress Updated

But updating your site might not be enough, make site maintenance a regular habit. Automatic updates might be a good option for those who want to take a more hands-off approach to site management but want a secure site. Also update plugins and the theme you are using.

Sometimes hackers can gain access to your site due to security vulnerabilities on your computer. The best way to combat this is to keep your computer up-to-date. When software patches are released, install them. When a new operating system is released, do your best to upgrade as soon as possible.