View source

<div align=justify> In this article we'll list the tips to secure your WordPress site:

* Allow access to the '''wp-admin''' folder only for your IP.  To do this you just need to place a .htaccess file containing the following lines in the '''wp-admin''' folder:

 Deny from all
 Allow from <Your IP>

Your IP address can be obtained '''''[http://whatismyipaddress.com/ here]'''''

* Restrict access to most files within the '''wp-includes''' and '''wp-content''' folders. All files except images, CSS and JavaScript files can be blocked. To do this, create a .htaccess file, add the following rules in it and place it within your WP installation folder:

 Order Allow,Deny
 Deny from all
 <Files ~ ".(css|jpe?g|png|gif|js)$">
 Allow from all
 </Files>

* Password protect the '''wp-admin''' folder. '''''[http://myidealhost.com/tutorials/How_to_password_protect_folder_in_cPanel This article]''''' will help you to password protect a folder.

* Keep your WordPress installation (including plugins) updated to the latest versions.

Now that you know how to secure your WordPress installation, you can prevent it from being compromised.
</div>

Return to How to secure Wordpress.

Retrieved from "http://myidealhost.com/tutorials/How_to_secure_Wordpress"

Navigation

Search