If you run a WordPress website, you should absolutely take basic steps to secure it against hackers.

Most website owners and developers don’t consider website security to be an exciting topic. You acknowledge it’s important, but, hey, it’s also kinda boring and technical.
Also there’s that catchy old “It won’t happen to me” chorus playing at the back of your mind.
So website security languishes at the very bottom of of your to-do list, and never gets any attention.
But what if I told you that you could ramp up your website security right now, all by yourself, in 18 minutes or less, without spending a penny?
Now that’s news!

Just follow these 4 dead-easy steps, you’ll soon be free to get back to the other, more thrilling tasks on your to-do list:
(Note these steps refer specifically to WordPress sites, but can be applied to most other content management systems.)

1. Delete the username “admin”
The default username when creating a WordPress site is “admin.” Most people keep this username. This makes it dead easy for hackers to guess your username. Then they are already half logged in to your site.
So delete any account with the username “admin.”
Note: if the account with username “admin” is the only user that currently has Administrator-level access, you won’t be able to delete it until you first create and login with a different Administrator-level account. WordPress needs to ensure that there is some way to access Administrator functions for your site.

2. Strengthen Your Password
Hackers use software to instantaneously test every word in Wikipedia against your password. So anything that is a real word or name in any language should not be used. Any logical or significant number sequence should not be used.
That means don’t use your pet’s name, your kid’s birthday, or anything else that vaguely makes sense.

The best passwords include a random arrangement of uppercase and lowercase letters, as well as numbers and symbols. In other words, they should be gibberish.
You can use a password generator to help you do this – just make sure to save your passwords in a secure place.

So go now and change your website login password to something really incomprehensible. Ask other users to do the same.

3. Delete and Update
WordPress has a bit of a bad rap for being “insecure.” In fact, a WordPress site only becomes insecure when you fail to keep it up to date. Any part of your site that is not updated to its latest version presents a security risk. Hackers find vulnerabilities in sites through outdated files, themes and plugins.
So go now and make sure that you are updated to:
• The latest version of WordPress
• The latest version of all installed plugins
• The latest version of all installed themes
While you’re in there, it’s best to delete any plugins or themes that you don’t use or need. These are likely to become outdated without you noticing, creating future security risks.

4. Limit Login Attempts
There is a plugin I like best for this purpose, it is called the Limit Login Attempts plugin. It’s really a clever little thing.

One of the common ways that hackers attempt to gain access to a site is by using software that bombards the login page with an infinite number of username and password combinations, until they strike gold. And if you are not following steps 1 and 2, they will strike gold pretty fast. This was how the Brute Force attacks were so successful in destroying many WordPress sites in 2013.
That’s the beauty of this plugin: it limits the number of times that anyone can attempt to login to your site within one single hour to some reasonable human number, like five.
If you are the forgetful type, set it to 10
So off you go to search for and install the “Limit Login Attempts” plugin on your site.

If you find this helpful please leave a comment.
My name is Ajayi Adebayo. Trainer, Web Developer and Digital Marketer
Call/Whatspp for your website design 07067116962
www.webbiit.com