HomeWordPressHow to Secure WordPress Website Using WP security plugin

How to Secure WordPress Website Using WP security plugin

Hi! Welcome to the Primomate. In this tutorial on How to secure WordPress Website, I will show you how to protect your website from Brute force attacks. And I will also show you how to Change the Database Prefix and Protect from Spam. I am requesting you to read attentively.

You will fully learn How to Secure WordPress Website in 4 step-

Ok, now let’s learn-

How to secure the website from brute force attacks.

To prevent Brute force attacks I need to install and activate a plugin names All in one wp security and firewall . So to install the plugin I will go to the WordPress dashboard. From the dashboard, I will hover on the plugins and then click on the add new.

up here in the search box, I will look for All in one wp security by typing that. Then I will select the first one and click install and activate.

Plugins Add NewSearch(All in one wp security) ➡ Install the first one ➡ Activate

how to activate all in one wp security plugin to secure wordpress website
how to activate all in one wp security plugin to secure wordpress website

Once the plugin is activated You should see a tab down here called Wp security and enter this tab there are some different options. But I will not cover all the options because It will take too much time. So, I will cover some important parts.

Ok, Now I will show you how to secure wordpress website using All in one wp security plugin

To prevent Brute force attacks I will cover In 3 steps-

1-Change WP login username

So first I will cover User account .

Now you can change from here the admin username which comes by default when you install WordPress in your website.

So, I strongly recommend you to change the admin user name to something else.

So, to do that go to the user account from the wp security plugin and put a new username and click save username.

Wp securityUser accountEnter New Admin Username ➡ Click on Change Username

how to Change WP login username to secure your wordpress webite
how to Change WP login username to secure your wordpress webite

You should remember this username because you cannot log in your wp dashboard without that.

now, let’s see how to secure WordPress website by changing wp-login page’s URL.

2-Change WP login page’s URL

Once you have changed the admin username please go to brute force.

From here you can change the WordPress login page URL which will prevent your website from brute force attacks. The by default WordPress login page URL is www.website.com/wp-admin

But if you make change here, your WordPress login URL will change.

like- www.website.com/sample

So, please be careful because you need to remember this URL when you are trying to log into your WordPress dashboard.

WP securityBrute ForceMark checkboxEnter URL suffixSave Setting [note: please remember URL suffix]

change WP login page's URL to secure wordpress website
change WP login page’s URL to secure wordpress website

When I will make this change then my WordPress dashboard login URL will change to be ‘https://www.primomate.com/sample’.

3-Stop user enumeration

OK so now I’ll go to the last tab named miscellaneous and from there I will select users enumeration.

by using the WP scan tool hackers can be able to enumerate users. So I recommended to you enabling this feature to stop user enumeration and then click save settings.

Stop user enumeration
Stop user enumeration

this feature will help you to prevent attacks.

At that point, the website is more secure by doing the simple changes which I have shown in How to Secure WordPress Website tutorial. And these changes will Prevent Brute force attacks against WordPress Website.

Now I am showing you how to secure wordpress website by changing the Database prefix-

4-How to Change the Database Prefix

I’m going to continue showing how to secure the WordPress website using the all in one WP security plugin. So first of all I will secure the WordPress database for preventing malicious attacks by going to database security.

the database contains very important information such as user name and password, comments, web page details, and so on.

To give an example I’ll go to c-panel on my web host.

And from there, I go to PHP My Admin.

here you can see all the tables with the wp prefix.

But I was changed before my database prefix as wpwk that you are seeing-

 php my admin database
php my admin database

So to protect your database from malicious attacks I highly recommend to change the table prefix.

first, make sure you have backup your database before doing this.Then change the DB prefix. Also, You should have backup everything before reading How to Secure WordPress Website.

So to do that I will go back to the dashboard and go to database security from the WP security plugin. And then I will put a database prefix called”myDB” and then I will click change DB prefix.

Dashboard wp securityDatabase securityput a prefix ➡ Change DB prefix

How to change the database prefix to imporve wordpress security
How to change the database prefix to imporve wordpress security

Now, if the DB prefix was successfully changed I will go to the database to check it and i will refresh the page. After refreshing you can see that the table prefix was successfully changed to myDB.

changed the database prefix
changed the database prefix

That’s It. This change will protect your website from malicious attacks.

Now I want to show you how to secure WordPress website by protecting the website from spamming-

How to Protect Website from Spamming

To prevent spamming I will go to the spam-prevention option from the WP security plugin. Then I will mark 2 checkboxes. One is for insert a captcha and another is for block any spambots. Then I will click on save settings

WP securitySpam preventionMark two checkboxSave settings

Spam prevention of the wordpress website
Spam prevention of the wordpress website

Once done with that I will visit my website with another browser or incognito mode for checking this.

In the comment section of the post of my website, You are seeing that a captcha box with a simple calculation has arrived.

spam prevention by captcha in the comment box
spam prevention by captcha in the comment box

So,this will block spamming and bots on your website. read more to know-Ways to Protect Your Website From SEO Spam Attacks

So, that’s it for now and thanks for reading:How to Secure WordPress Website. If you guess any problem then you can comment on your problem in the comment box below.

Primomatehttp://primomate.com
I am the CEO and Founder of this website

4 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Latest

Most Popular