There have been many cases of hacking on websites with various methods. Preventing websites from hacker attacks must be done. If the security of your website is not carried out regularly, it is possible that someday the website’s security holes will also be known by website hackers.
Be Careful in Choosing Hosting
The choice of hosting is one of the most important things for the security of your website, hosting can be the main cause of a website being hacker attacks, the cause of a website with a WordPress CMS being hacked is a weak hosting factor. Especially if you use shared hosting, even though the website script that was created is very good and feels safe, the cause of your website being hacked could be due to weak security on other people’s websites that are also hosted at the same place.
Avoid Using User Admin
When you first install WordPress, then an account has been created with the admin username, you should replace the name with a new one. This is because the username is already known by many people. You can change admin user from phmyadmin via CPANEL or FTP.
Use Hard-to-Guess Passwords
It is very important to choose a strong password so that it is not easy to guess, a strong password according to most security experts is a password whose number of characters is not less than 8 characters, besides that it must use a combination of uppercase, lowercase, numbers to symbols. This hard-to-guess password must exist for all users on the website.
Limit Website Login Attempts
Usually the website owner will not forget his own website password, once you try to login, you can enter. But hackers can’t necessarily be like that, they will try with various possibilities they can try. Failed to login once, they will keep trying until they successfully log in, no matter how many times they try. Therefore, it is necessary to limit login attempts, to use this technique you can use the plugins available in WordPress.
Provide Password for Folder
In addition to the administrator page that uses a password, the wp-admin folder you can also provide a password as well. This is done so that the security installed is stronger. You can set it, by going to the Security section and selecting Password Protect Directory then in the Name section of the Protected Directory enter wp-admin, and also write your username and password..
Hide Website Login Page
Websites with a WordPress CMS usually have a default login. Of course, this page is already known by many people, it is better if the page is replaced. To perform this action, you can use a plugin as an aid, for example like the iThemes Security plugin which allows you to change the wp-admin location.