If you are not after the wordpress complete security 1st part then click here
SQL injection attack.
This types of wordpress hacking process in not seen to be very advanced and easy.
However, this does not mean that your wordpress site will not be hacked with SQL injection.
Maybe, there have been many.
In fact, with this SQL injection, some malicious SQL statements are placed in the database of your wordpress website.
And as a result, hackers have ability to steal your website data, redirect from your website to malicious websites or destroy your entire website.
So, even if the chances are low, hacking through SQL injection in wordpress database in seen a lot now.
This types of SQL database injection is mostly done through websites, ‘ bad plugin’ and “theme”.
So, do not install and use the plugin or theme on your wordpress website from any unbelievable website.
And, keep your wordpress website’s installed themes updated regularly.
Moreover, I would suggest using as few plugins on the website as possible.
Below I will tell you how to protect your wordpess website from being hacked with this types of SQL database injection.
DDoS attack
Nowadays, if you talk about the security of a wordpress website, you don’t have to talk about the “ DDoS attack”.
Because, attempts to damage a wordpress website through a DDoS attack, are done in much larger quantities.
DDoS attack means “Denial of server attack”.
This is type of cyber attack, where various other computer device are hacked to target your web server.
And, thus targeting a particular website or web server by virous computer devices, dozens of fake traffic is sent.
As a result, your website’s server crashes because it can’t handle so many traffic requests at once.
This types of DDoS attack will cause a lot of damage to your website when it comes to your website.
Because, your competitors will definitely try to harm your website.
My device also has this kind of DDoS attack.
However, I do have the knowledge og how to protect my wordpress website from DDoS attack.
Below I will tell you the way and the rules.
Other attack on wordpress site. Securing a wordpress website is very important.
If your wordpress website in not secure then in addiction to the above mentioned website attacks or hacks, there are many other types of attacks on your website.
Thus, without a special authentication code, no fake bot or user can login to wordpress admin panel.
Backup website regularly.
Hey I know, your hosting company may have a back up the entire website for you.
However, if you want to keep your website safe and secure at any time, then you must take a backup of the website from yourself.
In this case, if at any time your website is hack or your hosting company suspends you, you have nothing to fear.
You can use the backup file your website, which you have, with any other hosting company to host the website again.
Or, if your website has been hack, you can restore the backup file of the website you have and restore the website to its previous state.
So, the most effective way to keep your website safe and secure forever is to create your own backup system.
This plugin is the best and completely free to make a full backup of any wordpress website.
With Updraftplus, you can backup your entire website to your “ Google drive” account with just one click.
Then,
If necessary, you can restore the backup of the entire website by clicking on the “ restore backup” option at any time.
Moreover,
With backup through updraftplus, you can migrate your entire wordpress website by installing it in another hosting company.
So, if your hosting company suspends your account in the future or your website server is hack,
Then you can easily restore your back up file to another hosting server through updraftplus and save the website from being damag.
So, start backing up your entire wordpress website with updraftplus from today, and keep your website safe forever.
I have uploaded a tutorial vedio of updraftplus on my facebook page.
In necessary, look at the process of backing up and restoring the website.
Block dicrectory indexing & browsing.
If the directory indexing and browsing of the website is open, anyone can view the important directory files of your website.
E.g.,
If you add “/wp-content” or “/wp-content/plugin/” to the and of your wordpress website, yourwebsite.com/wp-content/plugins/
Then, if the directory shown in the image below comes up, disable directory indexing in wordpress.
Then your website’s directory indexing and browsing is open.
And, it much be block as soon as possible.
Looking at the picture above, you can understand what is called directory indexing.
If the directory indexing and browsing of the website is open, anyone can view the important dire.
Hackers can get important information through these directory of your website.
Then you can easily attack or hack the theme and plugin or server of the website.
So, be sure to pay attention so that your website directory browsing and indexing is stopp.
How to stop wordpress directory indexing and browsing ?
If you are using web hosting from a good hosting company, your hosting company will stop this kind of directory indexing.
If you ask your hosting company to stop directory indexing, they will stop.
Moreover, if you are using good “ wordpress security plugin.
Wordfence
Secure security
Itheme security
If so, these plugins will stop directory indexing of your website.
Thus,
If you go to the htacess file of your website and add the ‘ option-indexes” line at the very end,
Then the directory indexing and browsing of the website will stop.
Disable wordpress meta generator and version. You can also protect your website from being hac
k by disabling and hiding the version and meta generator of your wordpress website.
Many hackers can hack your website by taking the information of version and meta details of wordpress website.
So, of course make these two things disable.
How to hide wordpress meta generator and version?
There are definitely many free plugin to do this.
However, if you are using a good wordpress security plugin, then there must be the option to disable and hide the meta generator and wordpress version.
In part 3 I will finished this article. Thank you .
3 Comments
[…] View part two (2) […]
ReplyDelete[…] wordpress security tips past 2 […]
ReplyDelete[…] if you doesn’t read part 1 and part. so click part 1 or part 2 […]
ReplyDelete