Learn about WordPress Security

wordpress security
wordpress security

How strong is WordPress security? There has been a mumbling around the internet lately about a large scale brute force attack on WordPress.

They are not just targeting high profile WordPress websites. But are using a large network of bots to target any WordPress site they can find.

The attackers are attempting to brute force access to WordPress sites by hitting the wp-login.php with a dictionary password attack.

The belief is that the goal may not be to deface your site. Instead use it as a platform to launch an attack on other sites when needed.

  • WordPress Security Tips
Rename your wp-admin folder : 

You Should rename wp-admin folder then this make it much more difficult for automated bots to find, as majority of attacks rely on simply hitting it and guessing where it is.

Delete the admin user account:

Brute force attempts will try the username admin with password combinations, you need to add a different account and then delete the admin this will make dictionary attacks even harder.

Secure wp-config.php:

This puts it outside of browsable files but still accessible by WordPress. Or you can deny access via htaccess

  1. <files wp-config.php>
  2. order allow, deny
  3. deny from all
  4. </files>
Restrict Access to your IP:

Limit access your site to to the wp-admin and wp-login.php files from a set of specified IP addresses.

The disadvantages of that are you will not be able to log-in from different connection… to WordPress until you edit this rule.

Install an SSL Certificate:

It will not stop brute force attacks. However it will mean that whenever you login to your website your username and password are encrypted.

This can stop hackers snooping in when you are using Wifi or public networks.  Cheap SSL certificate.

Install WP Security:

Better WP Security Plugin will automate many of the above tasks for you. It is by far the best option if you feel uncomfortable changing file settings yourself.

Use a WAF Service:

Cloud based Web Application Firewalls are becoming more popular nowadays.

They provide a simple way to help protect your website and provide more details about what is going on.

What’s new with WordPress 3.8

WordPress 3.8 is now available via Softaculous. Upgrade your existing installation to 3.8 with one click or install a fresh new blog.

WordPress has gotten a facelift. 3.8 brings a fresh new look to the entire admin dashboard. Gone are overbearing gradients and dozens of shades of grey — bring on a bigger, bolder, more colorful design!

wp_overview

wp_design

Modern aesthetic

The new WordPress dashboard has a fresh, uncluttered design that embraces clarity and simplicity.

Clean typography

The Open Sans typeface provides simple, friendly text that is optimized for both desktop and mobile viewing. It’s even open source, just like WordPress.

Refined contrast

Beautiful design should never sacrifice legibility. With superior contrast and large, comfortable type, the new design is easy to read and a pleasure to navigate.

WordPress on every device

responsive

We all access the internet in different ways. Smartphone, tablet, notebook, desktop — no matter what you use, WordPress will adapt and you’ll feel right at home.

High definition at high speed

WordPress is sharper than ever with new vector-based icons that scale to your screen. By ditching pixels, pages load significantly faster, too.

Admin color schemes to match your personality

wp_colors

WordPress just got a colorful new update. WordPress 3.8 includes eight new admin color schemes so you can pick the one that suits you best.

Color schemes can be previewed and changed from your Profile page.

Refined theme management

themes

The new themes screen lets you survey your themes at a glance. Or want more information? Click to discover more. Then sit back and use your keyboard’s navigation arrows to flip through every theme you’ve got.

Smoother widget experience

Drag-drag-drag. Scroll-scroll-scroll. Widget management can be complicated. With the new design, WordPress team has worked to streamline the widgets screen.

Have a large monitor? Multiple widget areas stack side-by-side to use the available space. Using a tablet? Just tap a widget to add it.

Twenty Fourteen, a sleek new magazine theme

The new Twenty Fourteen theme displayed on a laptop. tablet and phone

Turn your blog into a magazine

Create a beautiful magazine-style site with WordPress and Twenty Fourteen. Choose a grid or a slider to display featured content on your homepage. Customize your site with three widget areas or change your layout with two page templates.

With a striking design that does not compromise our WordPress’ simplicity, Twenty Fourteen is the most intrepid default theme yet.