WordPress Security – Lock Down Your Site in 2021

WordPress Security – 21 Steps to Lock Down Your Site in 2021

01. Choose a secure WordPress hosting, ingrata Security recommends GCP Google Cloud Platform with NGINX and SSL Certified by Bitnami and Automattic hosting and never self managed hosting solutions.
02. Use latest version of PHP, 5.6, 7.0, and 7.1 are to be avoided, 7.2, 7.3, and 7.4 is recommended.
03. Use smart Passwords: KeePass, 1Password or LastPass
04. Use the latest version of WordPress, Plugins, and Themes
05. Change Your WordPress Login URL and also limit login attempts using WPS Hide Login and Cerber Security, Antispam & Malware Scan.
06. Enable Dual Factor authentication using Google Authenticator (2FA)
07. Use HTTPS for Encrypted Connections using free Let’s Encrypt SSL Certificate
08. Secure by moving wp-config.php, updating WordPress Security Keys and Change Permissionshttps://api.wordpress.org/secret-key/1.1/salt/
09. Disable XML-RPC
10. Hide Your WordPress Version
11. Add Latest HTTP Security Headers
12. Force https – https://wordpress.org/plugins/wp-force-ssl/
13. WordPress Security Plugins
14. Harden Database Security
15. Always Use Secure Connections
16. Check File and Server Permissions
17. Disable File Editing in WordPress Dashboard
18. Prevent Hotlinking
19. Always Take Backups – https://www.wpbeginner.com/wordpress-security/#wpbackup
20. Security Plugin – https://sucuri.net/wordpress-security-plugin/
21. DDoS Protection – https://kinsta.com/blog/wordpress-security/

Leave a comment

Your email address will not be published. Required fields are marked *