We have seen from last few months that most of the WordPress sites in all over the world are under attacks by the hackers. Please try our security tips to secure your WordPress websites.
(1) If your default wordpress admin username is "admin" change it to another one from the database. The table name is wp_users, just change the admin user name from the table.
(2) Login to your wordpress admin panel and change your password. Set your password with combination of small letters, capital letters, numbers and spacial characters. Also try to set your password atleast 10 characters long.
(3) If your wordpress site isn't updated yet, please update it to the current version. Also update the plugins which are available to update. Remember, don't use unknown plugins which are not authorized by wordpress.
(4) If you have other admin users, ask them to update their password to the strongest one as mentioned in step 2.
(5) Use the plugin "Login lockdown". What this plugin does is marks the IP address of any computer that attempts to log in to your website and fails. If that same IP address fails repeatedly, that IP address is locked out from being able to log in to the website. You decide the number of attempted logins and total time.
(6) Also use the plugin "Secure WordPress." This plugin hides many of the errors inherent in the default login page of the WordPress install, including hiding the version of WordPress being used and adding an index.html file to the directories.
C.E.O. And Technical Head
Monday, October 21, 2013