WordPress Security Tips

Do you have a blog or a static website?  Are you as concerned about WordPress security as I am?  I remember a day about two years ago when I received an email. WordPress locked the Geek For Hire website. When I frantically tried to log back in, I wasn’t able to.  I ended up by successfully logging in using Chris’ credentials.  Thank goodness I had set up two admin accounts! After I logged in, I deleted all of the other admin accounts.

(We sometimes provide links to products or services that we think will be beneficial to our readers.  Some of those links provide a small commission to Geek For Hire.)


How to ramp up your WordPress security:

There are several things you can do to make sure your WordPress site is secure.Wordpress Security Tips

  • First of all, don’t use “admin” as your login name.  If someone wants to hack your website, they will need two things.  One is your user id or your email.  The other is your password.  Admin is the most common user id for WordPress sites.  It’s kind of like using “password” as your password.  Don’t do it!
  • Your next step will be to play with your user id. Because “admin” or your name are standard user id’s, you want to use something unexpected. Make your user id something non-sensical.  A string of letters, numbers, and special characters will work.  Think of it as another level to your password.
  • Third, make sure your password is ultra secure.  WordPress has an option where they can generate a password for you.  I think it’s about 20 characters long with a healthy mixture of small and capital letters, numbers, and special characters.  Please use this option.
  • Fourth, check your list of users every few weeks.  There should only be you and whoever else you have authorized to have access to the account. If there are any other users, delete them.
  • Finally, use one of the WordPress plugins to ensure extra security. I use iThemes Security Pro. It has saved our website many times.  Because we have a name that is attractive to hackers, they constantly bombard us with break-in attempts; anywhere from 100-500 every day. If someone tries, unsuccessfully, to log into our account too many times, iThemes will lock them out.  We’re pleased with the level of protection they offer.

What we’re dealing with:

Here’s an example from one day last week.Wordpress SecurityYou can see that there were 243 separate login attempts, and one IP address has been locked out from trying to log in again.


If you are concerned about WordPress Security, remember to use a secure password, do use an odd user id, check your users, and sign up for one of the WordPress plugins.

Please forward this to your colleagues who manage a static website or blog.

Information about Geek For Hire, Inc.

I’ve created a Free Report to protect you from “phishing” scams. Click here to receive it!

Chris Eddy of Geek For Hire, Inc. has been providing computer service to families and small businesses with Mac’s and PCs for the past eighteen years. Angie’s List and the BBB rate Geek For Hire very highly.  You can find more on our website, or give us a call 303-618-0154. Geek For Hire, Inc. provides onsite service (Tier 3) to the Denver / Boulder / Front Range area as well as remote service throughout North America.

We’ve been using Amazon Prime for the past few years.  We like the free and fast shipping.  With Prime, we have access to online streaming too. Prime is usually $119/year, but you can get a free 30-day trial by clicking on this link: Try Amazon Prime 30-Day Free Trial. As an Amazon Associate, we earn from qualifying purchases.