How to secure WordPress blog from hackers

Hacking of site is a most common problem for most of the new bloggers or sometimes for some old and reputed sites also. If you want to secure WordPress blog from hackers then here are some simple yet helpful solutions that you need to follow.

wordpress hack

If you Google ‘How to/ Tips to secure WordPress blog from hackers’ then you will find hundreds of sites and lots of ways or tips regarding to that. Here we have listed some common and very effective ways, so you can easily follow them and save your site/ blog from hackers. Here are the ways:


Your username and author name which is displayed on posts must be different because to log in any WP dashboard you need only two things one is username and other is password and from these two one is you providing them, so it will be easy for hackers to hack your WordPress blog dashboard

Update Password

Your password should contain combination of Upper-Lower case, Numeric and some signs (#, @, !, _) and is possible then change it once in a month


Take weekly backup of your site and in that backup include all data of your blog like text, image, video and plugins. In our best WP plug-in article we have mentioned backup plug-in, so use it or refer how to backup WordPress blog/ site for taking backup

WordPress version and Plug-in details

Don’t show any details of your WP version and plug-in details on front end and remove it. To remove WordPress version numbers kindly go here and to remove plug-in details just follow given steps

  • Go to your c-panel
  • Create .htaccess file in /wp-content/themes/
  • Now paste below code

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# Prevents directory listing
IndexIgnore *
# END WordPress

Login lockdown plug-in

This is very helpful plug-in as it block the IP address of that computer which tries to crack the password forcefully and will immediately disable the site’s login function. But you also have to take great care while using it.

Restrict directory browsing

You should restrict browsing why? Because if any hacker has access of your directory then he/ she can easily make out the pattern of your directory can hack your site. Now to restrict directory browsing just go to .htaccess file in your root domain and paste given below code

# protect wp-config.php
<files wp-config.php>
Order deny,allow
Deny from all

Stop WP admin indexing

WordPress admin section is the main section and contains sensitive details about your blog. This section will not index unless you told to Google spider boats and to make stop indexing that section you have to update your robots.txt file with following code

User-agent: *
Disallow: /cgi-bin
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-content/plugins/
Disallow: /wp-content/cache/
Disallow: /wp-content/themes/
Disallow: */trackback/
Disallow: */feed/
Disallow: /*/feed/rss/$
Disallow: /category/*

So these are the points which you should take care to save your site from hackers and if you find this helpful then share it with others and also let me know in comment section below.


Jay, who loves to blog and to share experience of his blogging career. I am here to help you all those new bloggers who want to make this blogging as their career. Apart from blogging I like to make new friends and want to travel each and every corner of the World.

Leave a Reply

Your email address will not be published. Required fields are marked *