This video series provides short “How to” videos about Wordpress Security, helping you make your self-hosted WordPress website secure. Hardening your WordPress website has never been more important. In this series we focused on 5 features available in iThemes security. Watch our security tutorials for WordPress Security to instantly block hackers, hide the back end login, remove the default “Admin” user, enable recaptcha, and change your database table pre-fix.
Removing the default admin helps prevent against automated attacks on your WordPress website. This makes your WordPress website more secure.
UPDATE: This has been change and is now located under “Local Brute Force Protection”. Automatically ban “admin” user Immediately ban a host that attempts to login using the “admin” username.
Hiding the backend login page of your WordPress website shuts down many common bot based attacks on your website.
Enabling the re-captcha for login will prevents the bots from performing malicious activities on your website. Thus, making your website more secure.
UPDATE: Here are some of the features “Invisible reCAPTCHA – Validate users in the background.”, use on login, use on new user registration, and use on comments.
I know, I know, some people argue that this does nothing to make your WordPress website more secure. However, I believe that every small step that you can take to make your WordPress website non-standard in terms of settings helps make it more secure. With automated attacks, having a unique database table pre-fix will not be easily found.
In Pro, enable the hackrepair.com’s blacklist feature and enable ban users. This leverages the power of a centralized database to block spammers, keeping your WordPress website that much more secure.
Whitelisting your and your client’s ip address ensures that you and your client does not get locked out due to too many attempts to login. This also stops automated attempts to guess their way into your WordPress Website.