Increase security on a WordPress site

WordPress is an extremely popular framework, which makes it easier to hack. Here are couple of ways to increase the security of your WordPress installation :

  • Hide your admin back-end to a list of whitelisted IPs through server rules on Apache / Nginx
  • Change the path to your admin back-end
  • Protect the wp-login.php script
  • Change the prefix of your tables
  • Use complicated passwords and change them often

For people who are not necessarily developers, the plugin “iThemes Security” does some of the steps I mentioned pretty well.