WordPress: 10 security tips to lock down your site
Prevent your website from being hacked
Mar. 31, 2019 - Willem L. Middelkoop
A lot of people use WordPress to manage their website, therefore it's no surprise people ask me to have a look at their site's security. As ethical hacker, I encounter WordPress in different shapes, sizes and states. Some of them are really badly protected against hacks. Prevent your site from being hacked using these 10 practical tips.
Continue reading![Do you trust the free wifi you're using? (Image via buffered.com)](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_04_Do-you-trust-the-free-wifi-you-re-using-Image-via-buffered-com_500px.jpg)
![Somewhere in a datacenter there is a machine like this hosting your website](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_08_Somewhere-in-a-datacenter-there-is-a-machine-like-this-hosting-your-website_500px.jpg)
![Password dictionary attacks use lists of known (leaked) passwords, you can find them on shady parts of the internet](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_03_Password-dictionary-attacks-use-lists-of-known-leaked-passwords-you-can-find-them-on-shady-parts-of-_500px.png)
![Use WP Security Audit Log to keep an eye on what's happening with your WordPress website (wpsecurityauditlog.com)](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_09_Use-WP-Security-Audit-Log-to-keep-an-eye-on-what-s-happening-with-your-WordPress-website-wpsecuritya_500px.png)
![Limit access by IP basis to XML-RPC using a .htaccess file](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_06_Limit-access-by-IP-basis-to-XML-RPC-using-a-htaccess-file_500px.png)
![Sniff WordPress password using WireShark packet capturing (via blog.wpscans.com)](/blog/2019-03-31_wordpress-10-tips-to-secure-your-website/images/i_02_Sniff-WordPress-password-using-WireShark-packet-capturing-via-blog-wpscans-com_500px.png)