Comment Sceuriser Word Press

If you look at your server logs, you will quickly realize that a number of “people” or rather robots are regularly trying to connect to your WordPress, especially from Russia, China or Ukraine.
This is brute force attack, ie they will test all possible combinations of login / password.

Install your WordPress in a folder

To protect yourself from attacks, you can install WordPress in a folder (exactly like Prestashop), style “/ data”. Be careful there will be a manipulation at the end to have URLs without the directory. More info at WordPress .

Change the login of the default administrator

The first instinct in installing WordPress is to NOT put “admin” as the main login, since this is obviously the first login that hackers will try.
The problem if you already have an “admin” user is that you can not change it without touching the database.
So I suggest you create a new administrator with a nice name like “Toutou75” and put the profile “admin” as a single user or even delete it.

There are some WordPress plugins that ban IPs that fail to connect. The simplest and most effective is: Limit Login Attempts . You choose yourself the time of banishment and the limit number of attempts.

Leave a Reply

Your email address will not be published. Required fields are marked *