WordPress Security – 21 Steps to Lock Down Your Site in 2021

01. Choose a secure WordPress hosting, ingrata Security recommends GCP Google Cloud Platform with NGINX and SSL Certified by Bitnami and Automattic hosting and never self managed hosting solutions. 02. Use latest version of PHP, 5.6, 7.0, and 7.1 are to be avoided, 7.2, 7.3, and 7.4 is recommended. 03. Use smart Passwords: KeePass, 1Password or LastPass 04. Use the latest version of WordPress, Plugins, and Themes 05. Change Your WordPress Login URL and also limit login attempts using WPS Hide Login and Cerber Security, Antispam & Malware Scan. 06. Enable Dual Factor authentication using Google Authenticator (2FA) 07. Use HTTPS for Encrypted Connections using free Let’s Encrypt SSL Certificate 08. Secure by moving wp-config.php, updating WordPress Security Keys and Change Permissionshttps://api.wordpress.org/secret-key/1.1/salt/ 09. Disable XML-RPC 10. Hide Your WordPress Version 11. Add Latest HTTP Security Headers 12. Force https – https://wordpress.org/plugins/wp-force-ssl/ 13. WordPress Security Plugins 14. Harden Database Security 15. Always Use Secure Connections 16. Check File and Server Permissions 17. Disable File Editing in WordPress Dashboard 18. Prevent Hotlinking 19. Always Take Backups – https://www.wpbeginner.com/wordpress-security/#wpbackup 20. Security Plugin – https://sucuri.net/wordpress-security-plugin/ 21. DDoS Protection – https://kinsta.com/blog/wordpress-security/

Leave a Reply

Your email address will not be published. Required fields are marked *