WordPress Security Tip #1
Secure WordPress Admin Login
The first WordPress Security tip that I have is to immediately edit your wp-config.php and force SSL login for administering your WordPress Website. The code below will stop sending your password in plaintext over the internet. WOW! Can you imagine logging into your website at a cafe’ only to find out that Joe Hacker stole your WordPress blog password?
Copy & paste the following into your /public_html or /docroot/wp-config.php
WordPress Security Tip #2
Secure WordPress User Login
The second WordPress Security tip involves forcing SSL encryption when your blog users login to your website to make comments and interact with your site. Again, you want to protect their user experience. No one enjoys being hacked and their website defaced with spammy content! Copy & paste the following code snippet just beneath the first tip
WordPress Security Tip #3
HTTP Strict Transport Security for WordPress
After you’ve completed that step, I will suggest you readÂ HTTP Strict Transport Security for WordPress which I wrote about earlier last month.Â It will further enhance WordPress security by keeping your website in SSL mode. It does not modify your WordPress website. Please have your webmaster edit either your php.ini or htaccess. Not sure how to do this? Share my post and ask me on Google Plus!