axactsoft.com
Checklist For wordpress Security - AxactSoft
1. Don’t use ‘admin’ username You have the option to change your admin username into whatever you like. I encourage you to do so. Anybody who tries to get into your WordPress admin section will try with ‘admin’ as a username. If you change it, potential hacker has to hack both username and password. Another way of doing this is, Create a new administrator user, login as that user, and delete your “admin” user account. If you are running older version of WordPress (which I do not recommend), you can change admin username directly in the database. Open your phpMyAdmin and run this query: 1 UPDATE wp_users SET user_login = 'your_new_login' WHERE user_login = 'admin'; 2. Install Login LockDown Plugin Potential hacker will try to break your username/password combination using brute force or dictionary attack on your WordPress Login screen. Login LockDown Plugin will prevent that. Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login …