4 Ways To Protect your WordPress Website from Hackers

How to protect your WordPress Website from Hackers ?

How to protect your WordPress Website from Hackers

There are many webmasters who nag about the security vulnerability of WordPress.

But the matter of fact is every open source software is often prone to brute force attacks.

Okay, that’s partially true, but still, it does not mean you have to blame WordPress for any kind of security issue.

Wondering why?

Well, a majority of times, it’s usually the webmasters’ fault that their websites get hacked. It’s often your responsibility to put extra efforts into preventing these attacks and save the website from hacking.

And the real question here is “what are you doing to prevent security vulnerability of your WordPress website?”

I know a majority of webmasters don’t do anything except for integrating a security plugin that claims to protect your website from every kind of security threat especially if you are a newbie. Well, I am not blaming you because trust me I have also been there and it takes time and experience to learn new things.

So, I thought I should share what I have learnt during my journey as a WordPress webmaster and prevent you from making the same mistakes that I have once made.

Read: How to make passive income on Clickbank

4 ways to protect your WordPress Website from Hackers 

1.Lockdown your WordPress login

A lockdown feature enables you to limit the login attempts for your WordPress wp-admin. Since wp-admin is the primary target of many hackers to gain access to your website, it is always a bright idea to lock it down for failed login attempts.

So, whenever there are a number of hacking attempts with repetitive wrong passwords, the website gets locked for that particular IP address with a notification sent to the webmaster of this unauthorized activity.

iThemes Security is one of the most popular security plugins that can help you lockdown your WordPress login. You can enter the number of failed login attempts after which it locks down the wp-admin for the attacker’s IP address.

2.Use 2-factor authentication

Another way to protect your wordpress website from hackers is 2-factor authentication which has gained a lot of popularity among webmasters and it is yet another great way to limit the access to the login page.

In 2-factor authentication, you provide login details for two elements. You can decide those two elements according to your requirements. You can set a regular password followed by a set of characters, a secret code or a question etc.

If you are planning to use a secret code for your 2-two factor authentication, you can use WP Google Authenticator plugin to create secret codes every time you log in.

3.Use SSL to encrypt data

Using an SSL certificate to secure your website is an excellent way. It not only makes sure encrypted data transfer between the server and the user browser but also drastically improves your website’s rankings on the search engines, driving more traffic to your website. You can either contact your hosting provider to get a secure SSL connection or consult any other reliable company offering the required services.

4.Disable Hotlinking

It is a common practice which leads to hacking. In this method, sites link to your images on the site to reduce the load on their website while increasing your server load. It is usually difficult to track. In fact, a majority of webmasters don’t even realize their server is being used deliberately by other websites.

Therefore, it is always a great idea to permanently disable hotlinking by adding a code snippet to your .htaccess file. Here is the code you have to add to your .htaccess file.

RewriteEngine on

RewriteCond %{HTTP_REFERER} !^$

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?sparringmind.com [NC]

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]

RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?feeds2.feedburner.com/sparringmind [NC]

RewriteRule \.(jpg|jpeg|png|gif)$ – [NC,F,L]


WordPress is a profound and robust platform that can help you create secure websites provided you take responsibility to look after your website and do whatever it takes to improve its security.

The aforementioned points have been proved to help me and I’m pretty sure they will help your tighten your website’s security.

If you have any question on how to protect your website from hackers, kindly let me know through your comment.

Author:Jason is an expert in WordPress developer, currently working for a leading WordPress development company – WordSuccor Ltd., expert in Converting HTML to WordPress theme. He is always trying to share his intangible knowledge with others on the web.

Oyundoyin Anthony is a blogger and an affiliate marketer that offers helpful contents to people who are looking for different products for their needs. He enjoys helping people to achieve success in their business.

Leave a comment