Home / Development / How to Protect WordPress Website from Malware Attacks
How to Protect WordPress Website from Malware Attacks
How to Protect WordPress Website from Malware Attacks

How to Protect WordPress Website from Malware Attacks

How to Protect WordPress Website from Malware Attacks

Introduction :  Today, WordPress is most demanded platform because of its easy interface. WordPress platform was recognized in 2003 to enhance the typography of everyday writing via blog representation. Since then and now, WordPress has grown to be the most used open-source platform for largest self-hosted blogging, CMS or any other custom solution in the world. Based on PHP and MySQL, it provides free open source platform, security and speedup features for developers. Here are the tricks to Protect WordPress Website from Malware Attacks.

With this article, I am sharing some security actions for WordPress website. These tips will help you secure your database, server path and website access from third parties or hackers. Please follow below steps that include-

  • WP-Config.PHP file setting
  • Database protection
  • Htaccess File setting
  • Latest version updates settings
  • Error removal
  • Protecting files
  • Login restriction
  • WordPress admin restriction

1. Change the Database Prefix

The basis setup of WordPress includes default database prefix (es). The default prefix is known to hackers and they can easily find the table names of your site’s database. So, it should be changed to protect the database files.

2. Create Custom Secret Keys for wp-config.php File

Wp-Config.php, the main file in WordPress root directory contains all the confidential details of website. The file requires to be secured from hacking, attack or database sharing. The file contains secret keys that keep a bit information about authentication and access. The default secret keys should be changed to something else to keep the information confidential.

Don’t use any software or online tool to generate random keys for you.

3. Protect your wp-config.php File

The wp-config.php file should be secured keep all the confidential information safe. Protect the file by placing the below code in your .htaccess file on your server.

<Files wp-config.php>
 order allow,deny
 deny from all
 </Files>

4. Protect Your .htaccess File

Protecting wp-config.php file is not enough for an advanced security. The .htaccess file should also be protected to have the website’s other information secure. Put the below code in your .htaccess file.

<Files .htaccess>
order allow,deny
deny from all
</Files>

5. Automatic Core Updates

The old version of WordPress, theme, plugin is well known of hackers and they can easily hack the site. So, always upgrade your WordPress version, theme and plugin to the latest version. The automatic updates option might be a good choice to keep aware of every version. It will help to those who want to take a more hands-off approach to site management but want a secure site, just the same. Though minor updates install automatically, major ones still require approval. The approval of major upgrade may fix any security bug from the previous version. To do this, put the following code into wp-config.php file and allow the major code updates to be happened automatic in the background without any approval.

 define( 'WP_AUTO_UPDATE_CORE', true );

The minor updates do not affect any code or site functionality; however the auto major updates can break your website, especially if you’re running a plugin or a theme that isn’t compatible with the latest version. So, log into to your website regularly and don’t change in your core files to stop the new version override your files. Automatic updates for plugins and themes can be configured by below code into wp-config.php.

For plugins:

 add_filter( 'auto_update_plugin', '__return_true' );

For themes, use:

 add_filter( 'auto_update_theme', '__return_true' );

You can hide WordPress version number as well that displays via meta. Displaying the WordPress version lets hackers know your current version and attack your website through the previous version’s bugs.

You can hide your WordPress version number by following below instructions:

  • If you are using an older theme, remove the following line from your theme’s header.php file
php bloginfo('version'); ?>" />
  • Remove the generator tag, which actually exposes all known vulnerabilities to that version date. If you are using a newer theme, just add the following in your theme’s functions.php file
<? php remove_action('wp_head', 'wp_generator'); ?>
  • Simply put the following code to your functions.php file:
add_filter( 'the_generator', '__return_null' );
  • You can go one step further and additionally remove it from RSS feeds using this:
function wpt_remove_version() {
 return '';

}  add_filter(‘the_generator’, ‘wpt_remove_version’);

 

6.Eliminate PHP Error Reporting

Your WordPress website has a lot to do for backend security and protect the site from weak spots. Another one is error reporting. If a theme or plugin doesn’t work properly, it occurs an error message. These error messages give the hackers every nook and cranny of your website on a silver platter. Because the error messages contain your server path and hackers can easily get your full server path by these error log files. So, it should be disables by single code snippet into wp-config.php.

// Turn off all error reporting
 error_reporting(0);

@ini_set(“display_errors”, 0);

7. Disable Login Hints

Once you try to login on WordPress website’s admin panel with wrong, incorrect password or a non-existent username, you will get a hint like your username is wrong, or your password doesn’t match with that username. This can offer a fair opportunity for hackers to break into your site. So, you should get rid of such information by disabling it with a script within your functions.php file:

function no_wordpress_errors()
{
return ‘What the heck are you doing?! Back off!’;
}
add_filter( ‘login_errors’, ‘no_wordpress_errors’ );

8. Protect your WordPress Admin Area

WordPress admin area is the panel where you keep backend customization and content integration of your website. So, the access of the admin area should be restricted to people that actually need access to your panel. The third parties or people would not be able to access your /wp-admin folder or wp-login.php file of you have restricted registration or front-end content creation area. Put the below code with your home IP address and add these lines to the .htaccess file in your WordPress admin folder replacing xx.xxx.xxx.xxx with your IP address.

<Files wp-login.php>
 order deny,allow
 Deny from all
 Allow from xx.xxx.xxx.xxx
 </Files>

In case you want to allow access to multiple computers (like your office, home PC, laptop, etc.), simply add another

Allow from xx.xxx.xxx.xxx statement on a new line.

If you want to be able to access your admin area from any IP address restricting your admin area to a single IP address or to few IPs can be inconvenient. In such cases, you can limit the number of incorrect login attempt to your site. This way you will protect your WordPress site from brute-force attacks and people trying to guess your password.

9. Hide Author Usernames

It is often seen that author name and administrator name are same during. No one thinks to keep them separate if only single user is managing the website. It is easy to find the admin’s username if anyone has your main author or administrator name. It’s not good for security purpose. It is same like you give the treasure of your site to hackers and run the risk of seeing your site compromised.

You should hide the author’s username to prevent the hackers. You just need to put the below code snippet to your website’s function.php file. It will make it so when someone inputs ? author=1 after your main URL, they won’t be presented with the administrator’s information and will instead be sent back to your homepage.

add_action(‘template_redirect’, ‘bwp_template_redirect’);
 function bwp_template_redirect()
 {
 if (is_author())
 {
 wp_redirect( home_url() ); exit;
 }
 }

Several other tips and tricks are still there which you can use to keep advanced security of WordPress website, however above are the best bunch of security features that would make your website more secure and safe.

5,945 comments

  1. I have recently started a web site, the info you offer on this website has helped me greatly. Thanks for all of your time & work.

  2. Very nice info and straight to the point. I don’t know if this is truly the best place to ask but do you guys have any ideea where to hire some professional writers? Thanks in advance 🙂

  3. I wanted to follow up and let you know how considerably I valued discovering your site today. I’d personally consider it a real honor to do things at my workplace and be able to utilize tips discussed on your web site and also be involved in visitors’ reviews like this. Should a position connected with guest article author become offered at your end, please let me know.

  4. I besides conceive thence, perfectly composed post!

  5. I enjoy your writing style truly loving this web site.

  6. I believe you have remarked some very interesting details, regards for the post.

  7. great submit, very informative. I wonder why the other specialists of this sector don’t realize this. You should proceed your writing. I am confident, you have a great readers’ base already!

  8. You are a very clever person!

  9. Glad to be one of several visitants on this awful web site :D.

  10. I cling on to listening to the news bulletin lecture about receiving free online grant applications so I have been looking around for the finest site to get one. Could you advise me please, where could i acquire some?

  11. I was reading through some of your articles on this internet site and I believe this site is very instructive! Keep posting.

  12. “Great weblog here! Also your web site a lot up fast! What host are you using? Can I am getting your affiliate hyperlink to your host? I want my website loaded up as quickly as yours lol”

  13. Really appreciate you sharing this blog post.Really thank you! Will read on…

  14. Appreciate you sharing, great post.Really thank you! Want more.

  15. Very neat blog post.Thanks Again.

  16. This is one awesome blog post.Much thanks again. Will read on…

  17. origami box and lid video origami tessellations origami cube twitter.com/origamilesson

  18. I loved your post.Really looking forward to read more. Keep writing.

  19. Hello. And Bye.

  20. Very informative article.Really thank you! Really Cool.

  21. xrumer

  22. Looking forward to reading more. Great blog.Really looking forward to read more.

  23. Ꭲhanks for finally wгitіng about >How to Protect ԜordPress
    Website from Malware Attacks <Liked it!

  24. thanks benefit of this colossal illuminating website, living up the great work check out this casino offers

  25. Hello.
    I need to contact admin.
    Thank you.

  26. You’ve made some good points there. I checked on the net for additional information about
    the issue and found most people will go along with your views
    on this website.

  27. Hello. And Bye. Test, only a test, Test, only a test.

  28. Asking questions are in fact nice thing if you are not understanding
    something completely, except this article presents good understanding yet.

  29. Hey, thanks for the post.Really looking forward to read more. Really Great.

  30. I have nothing against a healthy lifestyle. I just want to say that if you have problems in roost you can simply order [url=https://sale-secure.com]kamagra online[/url]. It is not necessary to change your diet, to run to the gym and so on. If I have a headache, I use tablet, instead of doing 10 sit-ups. Treatment of erectile dysfunction really make effective today. Many complicate everything and try to give answers to very complex where everything is simple and obvious. With the development of the Internet have the opportunity to receive the pastille completely anonymous mail. There are many medication options and everyone can choose what suits him personally.

  31. This is a great idea, the main plyust is that you can save well. Just as many men do in case of problems with potency. Of course the question a little embarrassing, but we are all adults, especially in our time solution can be completely invisible to others. You just have to log online and [url=https://sale-secure.com]buy Viagra[/url]. And no need to overpay for these useful pill by simply selecting [url=https://sale-secure.com]generic Viagra[/url]. Now there are no problems and your wallet is not empty.

  32. Hello.
    I need to contact admin.
    Thank you.

  33. I appologize.. I am unable to review this gps device as it was bought as a present for my sister… but I would purchase the 265w next time, as its the one I should have purchased because of the lifetime real time traffic, as i exactly know how to work on it… other than that, Ive heard it works well.

  34. I do not even know how I ended up here, but I thought this post was great.
    I do not know who you are but definitely you’re going to
    a famous blogger if you are not already 😉 Cheers!

  35. Appreciating the dedication you put into your site and in depth information you present. It’s good to come across a blog every once in a while that isn’t the same out of date rehashed information. Excellent read! I’ve saved your site and I’m including your RSS feeds to my Google account.

  36. Remeron And Adderall Anti Depressant Taking Lexapro Vs Adderall Together Ultram And Adderall Dose [url=http://www.netvibes.com/stratteraonline ]buy adderall no rx[/url]. Diflucan Mexico Adderall Alprazolam And Oxycodone Adderall Mixing Adderall And Percocet Remeron And Adderall . How Does Adderall Cause Weight Loss Adderall Xr Generic Financial Assistance . Tenuate Versus Adderall Adderall And Wellbutrin Prescribed Together Buy Valtrex Online Pharmacy Adderall Tylenol Adderall Recording Adipex And Adderall Xanax Alcoholic With Adderall

  37. Hello, after reading this remarkable article i am as well happy
    to share my experience here with friends.

  38. This is the very best search engine in the world

  39. Pretty! This was an extremely wonderful post.
    Thank you for supplying these details.

  40. Fed up of typing “who can write my essay” in the search bar? Would you like to have a reliable helper always by your side? Essayerudite.com will come as an excellent solution to this problem.
    We do our best to keep you satisfied with the service we provide.

  41. We value excellent academic writing and strive to provide outstanding essay writing services each and every time you place an order. We write essays, research papers, term papers, course works, reviews, theses and more, so our primary mission is to help you succeed academically.
    EssayErudite.com – don’t waste your time and order our essay writing service today!

  42. Hello, Neat post. There is a problem with your site in internet explorer,
    would check this? IE still is the market leader and a large component
    of other folks will omit your fantastic writing because of this problem.

  43. Glad to be one of the visitants on this awful web site :
    D.

  44. Mr. Jorge Napoli

    Hi there ! Great article and also highly educative. Good to observe your content.

    My personal Blog

  45. If some one wants expert view concerning running a blog afterward i advise himher to pay a quick visit this gbdeeebafage

  46. Wow! This could be one particular of the most useful blogs We’ve ever arrive across on this subject. Basically Wonderful. I’m also a specialist in this topic so I can understand your hard work. bddedbbeefbd

  47. I loved your post.Much thanks again. dcfkdedaegdd

  48. You could certainly see your skills within the work you write. The world hopes for more passionate writers like you who arent afraid to say how they believe. Always follow your heart. gffbebfbdafg

  49. Your goal is to breed all the different dragons available to you beeebffkbeeabkda

  50. Keep working ,fantastic job! bdddfeeeedka

  51. Fckin awesome things here. I am very glad to see your article. Thanks a lot and i’m looking forward to contact you. Will you please drop me a mail? gddecbdfdgge

  52. Hi, Neat post. There is an issue together with your site in internet explorer, may test this IE nonetheless is the marketplace leader and a huge part of folks will leave out your magnificent writing because of this problem. bcaeddgfffaddkde

  53. Hey, thanks for the post.Really thank you! Really Cool. bdkgddgadefk

  54. You produced some decent points there. I looked on the net to the problem and discovered many people goes together with along along with your web site. dggkffdbeddc

  55. Wow, this article is fastidious, my younger sister is analyzing these kinds of things, thus I am going to convey her. kaedceddeeadeddf

  56. Great goods from you, man. I have understand your stuff previous to and you are just too fantastic.

  57. I just like the helpful information you provide on your articles. I will bookmark your blog and test once more here frequently. I’m moderately certain I will learn many new stuff right here! Best of luck for the next! kagdgfgeaede

  58. Wonderful goods from you, man. I have understand your stuff previous to and you’re just extremely magnificent.

  59. Great goods from you, man. I have understand your stuff previous to and you are just extremely wonderful.

  60. Hey, you used to write amazing, but the last couple of posts have been kinda boring I miss your tremendous writings. Past couple of posts are just a little out of track! come on! gdefbebgfeak

  61. It’s perfect time to make some plans for the long run and it is time to be happy. I have learn this publish and if I may I want to suggest you few attentiongrabbing things or advice. Maybe you could write next articles regarding this article. I desire to read even more things about it! eekccdbekgfgakbk

  62. Magnificent site. Plenty of useful information here. I’m sending it to some friends ans additionally sharing in delicious. And certainly, thanks in your sweat! ddfkdkakacef

  63. I like the helpful information you provide for your articles. Ill bookmark your blog and check again right here frequently. I am quite certain Ill be informed many new stuff proper right here! Best of luck for the next! ecedcedfgcecgggd

  64. Wonderful beat ! I wish to apprentice while you amend your web site, how can i subscribe for a blog site? The account aided me a acceptable deal. I had been tiny bit acquainted of this your broadcast offered bright clear idea egdfgaakbdfd

  65. Hello, Neat post. There is a problem with your website in web explorer, may check this IE still is the market leader and a large component of folks will leave out your magnificent writing because of this problem. fbgakeegeeegcedd

  66. Merely a smiling visitor here to share the adore , btw outstanding style. Audacity, more audacity and always audacity. by Georges Jacques Danton. bagfkfgedgdeefdb

  67. Thanks for this article. I’d also like to express that it can often be hard if you are in school and simply starting out to initiate a long credit standing. There are many students who are just trying to endure and have an extended or favourable credit history are often a difficult matter to have. cdeakgceacge

  68. Great blog! I am loving it!! Will come back again. I am taking your feeds also geeckbbaekgbdfdd

  69. Thank you for the auspicious writeup. It in fact was a amusement account it. Look advanced to far added agreeable from you! By the way, how could we communicate? dccbbaccaeeb

  70. I value the post.Thanks Again. Awesome. ccfakafbefggbkbb

  71. very nice post, i certainly love this web site, keep on it gakaagbebdfe

  72. But a smiling visitor here to share the love , btw outstanding layout. kefdkdkdakgd

  73. Im genuinely enjoying the style and layout of one’s website. Its a very uncomplicated on the eyes which makes it a great deal much more enjoyable for me to come here and pay a visit to far more typically. Did you hire out a designer to make your theme? Excellent perform! gddgegkdkgfg

  74. hi!,I really like your writing so so much! proportion we communicate more about your post on AOL? I need a specialist on this space to unravel my problem. Maybe that’s you! Looking ahead to see you. fbkdedfagebd

  75. Hello, i think that i saw you visited my blog thus i got here to return the choose.I am trying to to find issues to enhance my site!I guess its adequate to use a few of your ideas!! bdkcbkedfadf

  76. Awesome blog.Much thanks again.

  77. Hi supplementary website

    best christian online dating sites top online dating websites site for relationship single sikh free adult dating london

  78. Peculiar this blog is totaly unrelated to what I was searching for – – interesting to see you’re well indexed in the search engines.

  79. I’m a new comer to blogspot and I’m possessing a difficult time. How can I change the background to a picture I want?.

  80. I’m not sure why but this website is loading incredibly slow for me.
    Is anyone else having this issue or is it a issue on my end?
    I’ll check back later and see if the problem still exists.

  81. Great – I should definitely say I’m impressed with your website. I had no trouble navigating through all tabs as well as related information. It ended up being truly easy to access. Nice job…

  82. hi,i actually want to ask u that my husband is hiv positive and he is using medicine now but i was not diagnosed +ve till 3 times i had test¡­now what ca i do am also affected???wel am really worrid and scared too wel now we have safe sex but before we didnt hav .we knew he had hiv after 1 and half yr marriage ¡­wel he had nonpulmonary tv then he was diagnosed to have hiv¡­so should i check again or is it possible am not infected???wel i love him alot and dont wana lose him plz help me and if possible tel me if he can be cured forever¡­

  83. Some genuinely interesting info , well written and broadly user genial .

  84. eye care should always be our top priority since the eye is a very delicate and irreplaceable organ-

  85. It is my first time visiting your website and I’m very interested. Thanks for sharing and keep up 😉

  86. It’s apparent that essay producing isn’t a straightforward activity for that college students as well as the prime essay producing services arrives as simple selection for each of the learners experiencing bother.

  87. you are in reality a excellent webmaster. The website loading speed is
    incredible. It sort of feels that you’re doing any distinctive trick.
    In addition, The contents are masterwork. you
    have performed a great task in this matter!

  88. Just what I was looking for.

  89. Saved as a favorite, I love your website!

  90. I love it whenever people come together and share ideas.
    Great blog, keep it up!

  91. I like all your posts. You’ve done fantastic job

  92. Many thanks for the site, it is loaded with a lot of helpful information. This helped me a lot.

  93. It is a really great resource!So much useful info and handy ideas, bless you =)

Leave a Reply

Your email address will not be published. Required fields are marked *