Protecting your website is extremely important. We created this checklist to help you harden your website to protect yourself and your users from hacks. Although nothing on the web is hack-proof, following this list will ensure maximum protection.
1 | Change the default 'admin' username
2 | Disable file editing
3 | Disable PHP file execution
4 | Limit login attempts
5 | Change WordPress database prefix
6 | Password Protect wp-admin and login
7 | Disable XML-RPC in WordPress
8 | Enable Web Application Firewall (WAF)
9 | Automatically log out idle users
10 | Add security questions to WordPress Login
11 | Install a WordPress Backup Solution
12 | Frequently test backups to make sure they work
13 | Install an anti-malware plugin and frequently scan for problems
14 | Keep WordPress, plugins and themes updated
15 | Ensure strong passwords and user permissions
16 | Don’t allow users to upload files to your site
17 | Use SFTP rather than FTP
18 | Don’t give our your FTP credentials
19 | Only give admin access to those you know and trust
20 | Only use themes and plugins from reliable providers
21 | User a content delivery network (CDN) to help prevent DoS and DDos attacks.
22 | Install and force the use of an SSL certificate
We have created a handy checklist to for your to print out and go through to add these security measures to your website.
Download “The Ultimate WordPress Security Checklist”. A useful list of security measures to protect your website.
Enter your info below to download the freebie so you can keep your website safe from hackers and other threats.