If you have manually installed your WordPress, the default administrator username will be admin. You should change this to something harder to guess. To do this, log in to your WordPress admin area, go to Users and create a new user with Administrator role. Once the account is created, log out from your admin area, log in with the new account you created and delete the old one.
- Restrict access to the wp-admin folder only for your IP. You can easily do this by placing a .htaccess file in the wp-admin folder containing the following lines:
Deny from all
Allow from
You can see what is your IP at whatismyip.com
- Restrict the access to most files in the wp-includes and wp-content folders. The access to everything except images, CSS and JavaScript files can be blocked. To do this, create a .htaccess file and place the following rules in it:
Order Allow,Deny
Deny from all
Allow from all
- Protect the wp-admin folder with a password.
0 comments:
Post a Comment