How to Secure your WordPress site.

Back to search


WordPress site has over 64 million sites and was recently targeted for a DDOS botnet attack. The botnet cannot enter your site unless it can get in.

It tried to login with the default Username: admin and then tries common passwords.

The Daily Dot’s Lorraine Murphy has put together a great 4 Easy Steps to protecting your WordPress site.

Change default Username “admin” immediately!

Passwords need to be 'strong' with a combination of acceptable characters, numbers and capital letters.

Please ensure that you also change your administration email account’s password.

Turn on two-factor authentication. Please note that the latest version of WordPress is needed to enable this. This will enable you to receive your Username and Password on your cell phone as well as your email.

In a nutshell:

  • Change your username to something long and unique
  • Change your password to something more complicated
  • Change your email password to avoid password retrieval
  • Enable two-step authentication.

Also Read

What is the difference between a Registrar and a Registry?
A Registrar interfaces with the general public regarding the registration of their domain names,...
What is a Registrar?
A Registrar interfaces between the general public and a Registry. A Registrar has to be...
Can I just use DiaMatrix or do I have to go through UniForum?
domains.co.za offers the registration of domains to the public. However, should you wish to...
What is the Multi Registrar / Reseller EPP Control Panel?
domains.co.za has developed a White Labelled Multi Registrar EPP solution that companies /...