How to protect WordPress of computer science attacks



In order to improve the security of its WordPress, we will see a series of tips immediately very simple, within reach of everybody, that as minimum a little but difficult to the next crook put the things to him that pays attention to your Web.


STEP 1: Name of user

It must avoid this type of user (admin, administrator, publisher, etc…). In the same way, it avoids to use his name or any reference to the domain of the site.

It considers, that many of the wished accesses to WordPress do not become by brute force and that type of names of user, will be first that will try.


STEP 2: Safe password

- It must have as minimum 8 characters.

- It would have to be alphanumeric. To contain very small letters, uppercase letters, numbers and punctuations.

– You do not use personal information in her. Nothing of dates, names of pairs or children, etc… That we know ourselves.


STEP 3: It updates WordPress, theme and plugins regularly

It updates as much WordPress as theme and plugins that uses as soon as there are new versions. More often than would like are discovered we bugs and failures in the code that can allow accesses nonwished to our installation.
The developers strive in detecting and correcting these failures as soon as they appear and they remove a new version from his code to solve it. It is by that it is important to maintain our up-to-date system as if an operating system one was.


STEP 4: To protect wp-admin from the Control Panel

This is very simple and many headaches can save you. Is to protect the directory wp-admin from your Control Panel concerning servant, so that it is only possible to be acceded if it meets the user and the password for that directory.

In our Hosting servers we used CPanel that is one of the most used and is very easy to protect directory. It accedes to its Cpanel and Vaya lowering until the security section. It will see something similar to this:




Deletion mark to Directories protected by password and will open a window where you will be able to choose the directory to protect. Wp-admin chooses and it will appear to him the screen to form:




In the part of above it marks the square to protect the directory and chooses the name of the window that will appear to ask to you usuary and password.

In the part of down, we chose the name of user and the password. Button to add authorized and ready user!


STEP 5: It realises backups regularly

A simple form is through plugin. Several in the market exist and that is even gratuitous, most popular they are:



Another possibility is to realise backup copies through same Cpanel (Control Panel Hosting). Within the Control Panel section Archives it will find a called section Backup copies, which will allow him in a single click to realise the endorsement and to keep it to in their computer.


STEP 6: It limits the attempts of login

They exist Plugins that allows to add security at the time of entering their Control Panel WordPress, in case the system is tried to erroneously accede a certain amount of times to its Control Panel blocks it automatically, these are the following:

Limit login attempts

Login Lockdown


These are some safety measures suggested by Crearchile that of insurance will help its system of WordPress