Category: WordPress Security Tutorials & Tips

5 Reasons To Know Who Is Logged In To Your WordPress Site

This post explains why you should know who is logged in to your WordPress websites and blogs and how you can do it.

How to Clean a Hacked WordPress Website or Blog

First things first, do not panic. This article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step by step format to help you identify the source of the hack and the infection, and then clean the code to regain control of your […]

Get Alerted via Email When a New User Is Created or Logs in To Your WordPress

There are several benefits to keeping a record of everything that is happening on your website in a WordPress audit log. As seen in this example, you can configure email alert so you are alerted of any suspicious user behaviour at an early stage, allowing you to thwart any possible hacker attacks before any damage is done on your WordPress website and multisite network.

WordPress Security VS Functionality – Striking the Right Balance

The more functionality your WordPress has the bigger the attack surface is. The more lines of code there are, and the more plugins you install the more prone to malicious hacker attack your WordPress will be. Ever heard this before? While many believe such facts are true, it all depends on how well things are […]

Using Media to Improve WordPress Security

Media can have a big impact on WordPress security. As we have learnt from last week’s WordPress SEO plugin vulnerability, if media is used effectively more users will keep their plugins up to date, which also means more secure.

Hide WordPress Usernames to Improve WordPress Security

A WordPress security tutorial that explains how and why you should hide your WordPress usernames to improve the security of your WordPress blogs and websites.

Why are Google Using HTTPS for Website Ranking?

A few weeks back Google announced that HTTPS will be used for SEO ranking, thus encouraging every website owner to run his or her website on HTTPS. Is it really necessary that every website runs on HTTPS for a more secure and safer internet?

Securing the WordPress Administrator User Account

The WordPress administrator user account is the most targeted account on a WordPress installation. Read this article to learn what you can do to tighten the security of your WordPress administrator user account and how to keep it secure.

Why You Should Change the WordPress Administrator User ID

This security article explains why you should change your WordPress Administrator ID to improve the security of your WordPress blogs and sites. It also explains how to change the WordPress administrator ID so malicious hackers cannot target the WordPress administrator account.

How to Grant Remote Access Privileges to a WordPress MySQL Database

This document explains how to grant remote access to a WordPress or any other MySQL database. Remote access might be needed if you need to extract or read data from the WordPress database from a remote location, for example to read the WordPress security alerts generated by WP Security Audit Log plugin and store them in a centralized logging and monitoring system.