Tips & Hacks to Protect Your WordPress Admin Area

Most of the Bloggers concentrate Hard on writing Good content for their Blog but forget to give importance to Hardening their website or blog Security.There comes the Intruder who gains Access to WordPress Admin Dashboard & does what ever he likes.

Their [Hackers] Act’s may involve some thing like stealing your content,Placing their Ad’s on your site,Talking Down the entire site or some other sheepish act which will cost you Hours of Hard work & money.

Tips & Hacks to Protect Your WordPress Admin Area

We will provide you some tips & tricks for tightening your WordPress Website security.It’s not necessary you provide all the Tips but make sure you follow at least the basic One’s so that It makes harder for the hackers to gain access.

Keep your WordPress Upto date: [Basic]

Make sure you update your Version of WordPress to the Latest one Available.Whenever there is an update you will be notified by the WordPress in the Admin Dashboard.

Rename the default “admin” username : [Basic]

One of the basic security measure you need to take is renaming the Default WordPress Administrator username.

By default WordPress Administrator username is ‘admin’, changing it to something different will make the Hacker drop from his/her attempts at the initial stages itself.

Keep WordPress Admin Email contact Safe & Secure : [Basic]

For every user you need to specify an contact email Id & it will be same for Admin User as well.If Hackers get hold of your email Id then it becomes easy for them to get into your site by resetting the password using the Admin Dashboard.

Pick a Strong Password : [Basic]

Make sure you set some Strong Password for your WordPress Admin Account as well as WordPress Admin Email contact address.Also make sure you try to change your WordPress Admin Password periodically.

Strong Passwords would be a combination of Small/Caps Alphabets,Numeric & Special Characters.

Limit Access Via IP Address : [Expert]

You can limit Access to WordPress Admin Panel to only certain IP’s, thereby blocking access to all other IP’s. For this you need to create a .htaccess file in /wp-admin/ folder if not there already. Paste the below code thereby your Admin Panel only gets Accessed from the 3 IP’s specified below.You can add other IP’s if needed in a separate line.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “WordPress Admin Access Control”
AuthType Basic
order deny,allow
deny from all
# Allow My Home IP address
allow from
# Allow Wireless IP Address
allow from
# Allow Work IP address
allow from

Limit Login Attempts : [Medium]

You can limit the no of Wrong Login Attempts using a WordPress Plugin Limit Login Attempts .Doing this if some hacker is trying to wild guess your passwords & after some unsuccessful attempts they will locked out for specific amount of time & you will be notified about that via email.

There are some other tricks for tightening WordPress Admin Area Security, which we will discuss in the next post.Stay Tuned.