How to Secure Your Blog with Secure WordPress

Hi, everyone.  Welcome to BuildMySiteForFree.com.  In today’s tutorial, I’m going to be talking about something very important, and that’s securing your blog.  And we’re going to do this by finding and using the Secure WordPress plugin, and the objective of this plugin is to prevent people from hacking into your account.

Now before I show you where the plugin is, I do want to emphasize that it is always important to create a unique username and password in order to secure your blog because a big way that hackers find their way in is because a lot of people use the default username “admin,” A-D-M-I-N, and just change their password.

So now all the hackers have to do is figure out the password because they know the username.  So the very first step before even installing
the plugin is to make sure you always have a unique username and password.  And I would constantly always change your password as well.

Now that I’ve explained that, I am going to show you where the plugin can be found, and I found mine at BuildMySiteForFree.com where all the plugins are free, and I clicked this link right here at the top where it says “Plugins.” And they’re all listed in alphabetical order.  So I found this one on page 14, and it’s  right here where it says, “Secure WordPress.”

So what I did was I downloaded it here as a zip file, and then I came to my plugins link on the navigation menu, and I clicked “Add New” and uploaded it from my computer.  So once you’ve done that, you will now have the active plugin, Secure WordPress.  And to go to the settings page for this, you want to click “Settings” on the navigation menu as well.  Scroll down, and you will now have a link that says “Secure WP” with a little icon to the left of it.

Click that link, and it will bring you to the Secure WordPress configuration settings page.  Now here on the right side, if you do have an account, you can log in.  You could also create an account if you do want to access certain advanced features from Website Defender.  But if not, you could just pretty much ignore that and leave it alone.

And now the great thing about a lot of plugins is a lot of the options in their settings page are set by default.  So you really don’t have to worry about going back and changing anything or not understanding anything because the most important things are already set.  But I will just walk you through a few of these.

So the very first one is the Error Messages.  If you check this box, it’s going to deactivate the tooltip and the error message at the login of WordPress.  So it will remove error information on the login page.  And the tooltip is when you scroll over something with your cursor and a  ttle textbox appears, it’s going to deactivate that as well.

Then the next two are options that will allow only the administrator of your blog to see the WordPress version or the WordPress version on the backend because some blogs have multiple authors, and if you don’t want certain users – whether they’re an author or an editor – to see certain features, you can check these boxes and it will only allow the administrator to see this.

The next file is actually very important to make sure you check because the index.php is where a lot of hackers go to get in.  So by checking
this box, it’s moving all of your files to another place.  So definitely make sure that that is checked, and it should be by default.

And these next two options, if you have the Really Simple Discovery link or a Windows link, Live Writer.  You could check those in order to remove them as well, but I wouldn’t worry about them if you have nothing to do with them.

And then the last few options are also to just prevent users on your blog from seeing things such as the core update, the plugin update, or the theme update.  So by checking any of these boxes, it removes any information for people that are not administrators.

And then finally, you can block bad queries, so by checking this box, it’s protecting WordPress against any malicious URL requests.  So like I aid, after you have installed the plugin and you have made sure that you have a unique username and password, there’s really not much to worry about.  If you do want to come, however, and check out these settings and maybe change some things, you now know where to go.  And don’t forget to, of course, save your changes at the end or else nothing you just changed will be updated.

And this is how you secure your blog with the Secure WordPress plugin. Please stay tuned for more videos at BuildMySiteForFree.com.

Print Friendly, PDF & Email

About the Author

Andy Johnson

Andy Johnson has been on the Internet since the its dawn(ie his first computer program was recorded on cassette tape) and his first hard drive cost about as much his current MacBook. His first byline was in 1993 for a local newspaper rag he eventually helmed, and his last “real job” was at a computer start up which ended when it ended. Throughout it all he’s freelanced and blogged. Now he is mesmerized by Search Engine Optimization forever trying to “rise to the top” for the right reasons. He’s been married to his wife Julia for as long as he can remember and has two lovely, wonderful children. He looks forward to sharing the latest in the technical best for all the online entrepreneurs.