Being a security enthusiast I always care about online security. I started to explore WordPress a year ago and was impressed with its ability and potential. It has got everything for an individual, business or organization to have their internet presence through own website. In fact, I created my own bio page using WordPress.
After hosting my website, the next thing came to my mind was to check security of my website. I used couple of free and open source tools to scan my website for security. Further I went ahead and figured out ways how to mitigate the discovered security risks.
No doubt, the web hosting websites have options for providing security to any website. But that comes at a cost. In this session, I want to show other how can they not only check security posture of their WordPress websites also apply fix to those by themselves. WordPress also has free plugins available for the same purpose. I this session I have planned to talk about both manual fix as well as security plugin.
In addition, I also want to talk about some additional measures such as:
- Limit login attempts to prevent brute force attacks
- Use a security plugin to enable two-factor authentication.
- Limit access to your wp-admin and wp-login pages.
- Use a security plugin to automatically scan your website for malware
- Keeping the plugins up to date.