The seguridad en WordPress es un asunto importante al que volvemos de cuando en cuando. En este post te mostramos lo primordial.
Without a doubt bloggers and webmasters invest time, effort and money in their digital assets: blogs, webs, forums, ecommerces.
Para nadie es un secreto que las páginas bien sean personales como un Blog o profesionales como un ecommerce or a briefcase They are a very valuable for their owners.
That's why the WordPress security es una preocupación y un tema recurrente en las conversaciones de los entusiastas de la Web. Nosotros como buenos entusiastas de la web, no podemos dejar de hablar del tema y a su vez guiarte en el fascinante mundo de la WordPress security.
Why is WordPress security so important?
This question could have as many answers as users with web pages exist in cyberspace.
For some it could be keep the way of contact with your customers safe, the professional reputation or confidential information of its contractors, for others it could be keep the main source of income.
Sin importar el cual be la razón que te mueva para keep your website or blog safe By now you are wondering:
How do I keep WordPress secure?
That's why we share a series of tips so that nothing bad happens to your digital asset. We divide them into two sections:
A. Solutions to promote WordPress security by installing plugins.
B. Solutions to promote WordPress security by installing plugins.
Without further ado we leave you our ABC of WordPress security
-
A) Five things you can do to keep your WordPress safe without installing anything.
-
Users
Default WordPress crea el Username admin with all admin privileges enabled. But working with that user makes you vulnerable to attack.
Then what do we do?
We create a new user How?
Following the following steps.
From the WordPress dashboard:
Users> Add New> Fill in the information fields> give them administrator privileges and that's it.
The premise is that the username is not predictable, as an example:
Soy3lmej0rBlogg3r
OR miblOggrocke4
They are more difficult than the admin lifelong.
At the same time, it is essential that password be safe. Which brings us to the next tip.
-
Passwords
Recently as a result of an attack suffered by a certain web portal with thousands of users, the passwords of all the members were made public of that page. A significant percentage of passwords were the typical numerical sequence:
Or its variants: 0123456789, 098765432.
Not to mention the classic QWERTY.
Don't let the same thing happen to you.
The possibilities for creating strong passwords are almost endless:
It is recommended:
- Use upper case and lower case ALTERNATES
- Include some special character ¡#$%&/()=?¿
- Add a non-sequential figure better 8302 than 1234
- And please: Run away from the obviousness of dates and pet names.
-
Remove the powered by WordPress
This can vary depending on what template you are using.
There are templates that allow you to do it from their design options such as the Divi theme.
In case the theme you use on your blog does not allow you to modify it, you can do it from the WordPress theme editor:
Appearance> Editor> footer.php
-
Delete what you don't use
This one is easy. And we already talked to you about it when we shared the 7 necessary adjustments to boost your blog.
In your WordPress management panel follow the following route:
Plugins> installed plugins
Delete everything you don't use.
Clever.
-
Update WordPress
Without a doubt, keeping WordPress updated to the latest version is a good way to keep it safe, but: updating to the latest version carries risks.
That is why it is necessary that create a backup before updating
-
B) Three solutions to promote WordPress security by installing plugins
Limit the number of failed attempts
WordPress and its users have repeatedly been victims of massive brute force attacks.
A brute force attack is far from what the name suggests: no karate kicks and punches.
It is that a brute force attack is more related to intelligence than to force. Because it consists of try different passwords until you find the real one.
The first step in staying safe from one of these attacks is to have a username not at all predictable and one strong password as we show you above.
The second is to install a plugin limitador de intentos fallidos login.
Although if you already have installed Wordfence, a security plugin that we usually highly recommend, you don't need to install another one. You just have to configure it by following this route:
Wordfence> Options> Enable login security
Once the option is checked: Enable login security the job will be done.
Create backups
For create backups in WordPress you need to install a plugin that allows you to do Backups.
In the repository of plugins you will find hundreds, we recommend you choose one like BackWPup with the ability to back up to multiple storage platforms.
You can follow this dedicated tutorial that we prepared on backups and backups.
Install a security plugin
If you are a regular reader of the blog you will know that whenever we can we mention the Wordfence, which we consider an essential plugin.
If you have not installed it yet, you are on time:
We have a complete tutorial of Wordfence where you will learn to configure it and get the most out of it.
Scan your plugins
The plugins are necessary tools, facilitate the execution of tasks and make everything easier, although sometimes in general they are a source of problems.
In the same way it happens with other installations that usually do in WordPress such as themes or templates.
Sometimes they can make our website vulnerable.
But how do you know which plugin or template constitutes a vulnerability for the security of our WordPress-based website?
With Plugin Security Scanner.
That utility available in the WordPress plugin repository It will allow you to know which installation is susceptible to being attacked or compromised.
Finally we can add that security inside and outside of WordPress is a large theme. But by taking fairly simple measures it is possible to keep your website safe, if you search enhance your knowledge In terms of security and everything related to WordPress, you have the best online course and in Spanish in this regard.
