WordPress: 10 essentials to secure your website
Prevent hackers from breaching your website
Mar. 31, 2019 - Willem L. Middelkoop
A lot of people use WordPress to manage their website, therefore it's no surprise people ask me to have a look at their site's security. As ethical hacker, I encounter WordPress in different shapes, sizes and states. Some of them are really badly protected against hacks. Prevent your site from being hacked using these 10 practical tips.
Continue reading![Password dictionary attacks use lists of known (leaked) passwords, you can find them on shady parts of the internet](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_03_Password-dictionary-attacks-use-lists-of-known-leaked-passwords-you-can-find-them-on-shady-parts-of-_500px.png)
![Leaking personal user information from the WordPress REST API](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_05_Leaking-personal-user-information-from-the-WordPress-REST-API_500px.jpg)
![Sniff WordPress password using WireShark packet capturing (via blog.wpscans.com)](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_02_Sniff-WordPress-password-using-WireShark-packet-capturing-via-blog-wpscans-com_500px.png)
![Limit access by IP basis to XML-RPC using a .htaccess file](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_06_Limit-access-by-IP-basis-to-XML-RPC-using-a-htaccess-file_500px.png)
![Check the reputation of a WordPress plugin by looking at the number of downloads and its rating](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_01_Check-the-reputation-of-a-WordPress-plugin-by-looking-at-the-number-of-downloads-and-its-rating_500px.jpg)
![Somewhere in a datacenter there is a machine like this hosting your website](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_08_Somewhere-in-a-datacenter-there-is-a-machine-like-this-hosting-your-website_500px.jpg)