Security for WordPress?

According to my friend, WordPress has many bugs that let some people get into the dashboard and deface your database.

OK, now I will share how to make your WordPress secure (but nothing is ever 100% safe).

1# Use a stronger and solid password

Creating a strong and solid password makes you safer than using a regular password like your birthday, your mother's name, etc. You can use the password strength checker from Microsoft, called Password Checker.

2# Change your default admin username

Older versions of WordPress automatically generate a user with Administrator-level permissions called “admin”. You should add a new administrator and then delete the “admin” user. In the latest version, you have the option to choose an admin username.

3# Always keep your WordPress up to date

When a WordPress software update is released, especially one that includes security fixes, upgrade as soon as time permits. You should also keep your plugin and theme versions updated.

4# Back up your MySQL database and site files constantly (recommended)

It is also recommended to install WP-DBManager to back up your SQL database. It allows you to optimize, repair, back up and restore the database, delete database backups, drop/empty tables and run selected queries with a single click. This plugin can automatically back up your database at a set interval and send it to an email address you specify as a Gzip file.

5# Limit access to the wp-admin folder by IP address

Hmm, I think this is a more secure way, because it is very hard to log in to the wp-admin root. For example, please try this: http://heatlhmood.info/wp-admin/. You can limit access to certain people by IP address with these tips:

  • Check your IP address here: What’s My IP
  • Now open the Notepad program and put in this code:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Access Control"
AuthType Basic
order deny,allow
deny from all
#IP address to Whitelist
allow from 123.456.789.321

Change the IP address 123.456.789.321 to your own IP address.

  • Save your document with the name .htaccess
  • Upload it to your wp-admin folder -> root/wp-admin/

6# Optimize your wp-config file by defining your secret keys

Another way to make your WordPress install secure is by encrypting the information stored in your WordPress cookies. This makes it hard to gain access to your WordPress administration panel by way of cookie hijacking.

Open your wp-config.php file and find the section below:

 * @since 2.6.0
 */
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
/**#@-*/

Visit the WordPress secret key generation tool to get your own random secret keys, then copy them and replace the four define lines above in your wp-config.php file. The secret keys may look like the sample below (generate your own; do not copy these):

define('AUTH_KEY',
       '*fhU(7dWI?j?NJY&uJ3|b?-Z&/bjPd`qR+UR+5C4|ai+e 4R{<~6ffQJvS`cz?EZ');
define('SECURE_AUTH_KEY', 'b!O[MGZ+ry2K;#[d;9 :1wS/U*c3*-xYvima#x~9dYrL6+s:Ch_O0^+-~I3 Ba0o');
define('LOGGED_IN_KEY',   '*eJXjN{uE%I?-GZe=O&7_Ic~/Kuo)V$a0]>ScjWN{hf*/p5G:M]2}1$vL/F?M;e@');
define('NONCE_KEY',       'yD)W3!xLn`V6.s^dx:(K<[$xax_@zf_x*QGF8WxeZpbjGST O87 !&`3Bm-g]i8:');

7# Restrict file access to the wp-content directory

As in step number 5, you have to add a .htaccess file, but with this code:

Order Allow,Deny
Deny from all
<Files ~ "\.(jpg|gif|png|js|css)$">
Allow from all
</Files>

8# Secure your .htaccess file

Besides wp-config.php, the .htaccess file in the root directory is also very important; you should restrict its file permissions to CHMOD 644. Just locate the .htaccess file, right-click it and set the permissions to 644. You can also add the following code to the very bottom of your .htaccess file; this basically blocks visitors from reading your wp-config.php file over the web.

<Files wp-config.php>
Order Deny,Allow
Deny from All
</Files>
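
A quick way to verify steps 5, 6 and 8 after applying them, as an added example that is not part of the original post: this Python script checks a WordPress directory for placeholder secret keys, a missing deny rule in wp-admin/.htaccess, and the mode and wp-config.php rule of the root .htaccess. The function names, the sample tree and the 192.0.2.10 address are constructed for illustration, and the checks assume the directive syntax used in this post.

```python
import re, stat, tempfile
from pathlib import Path

PLACEHOLDER = "put your unique phrase here"  # stock value shown in step 6
KEYS = ("AUTH_KEY", "SECURE_AUTH_KEY", "LOGGED_IN_KEY", "NONCE_KEY")
DEFINE = re.compile(r"define\(\s*'(\w+)'\s*,\s*'([^']*)'\s*\)")
DENY_ALL = re.compile(r"^\s*deny\s+from\s+all\s*$", re.I | re.M)

def read(path):
    """Return the file's text, or '' when the file does not exist."""
    return path.read_text(errors="replace") if path.is_file() else ""

def audit(root):
    """Check the WordPress tree at `root` (a Path); return a list of findings."""
    findings = []
    defined = dict(DEFINE.findall(read(root / "wp-config.php")))
    for key in KEYS:  # step 6: each key defined and no longer the placeholder
        if defined.get(key, PLACEHOLDER) == PLACEHOLDER:
            findings.append(f"wp-config.php: {key} is missing or still the placeholder")
    if not DENY_ALL.search(read(root / "wp-admin" / ".htaccess")):  # step 5
        findings.append("wp-admin/.htaccess: no 'deny from all' rule")
    ht = root / ".htaccess"  # step 8: permissions and the wp-config.php rule
    if not ht.is_file():
        return findings + [".htaccess: file not found"]
    mode = stat.S_IMODE(ht.stat().st_mode)
    if mode != 0o644:
        findings.append(f".htaccess: mode is {mode:o}, expected 644")
    block = re.search(r"<Files\s+wp-config\.php>(.*?)</Files>", read(ht), re.I | re.S)
    if not (block and DENY_ALL.search(block.group(1))):
        findings.append(".htaccess: wp-config.php is not denied")
    return findings

def build_sample(root, hardened):
    """Write a constructed (not real) WordPress tree, stock or hardened."""
    (root / "wp-admin").mkdir(parents=True, exist_ok=True)
    value = "constructed-sample-{}" if hardened else PLACEHOLDER
    (root / "wp-config.php").write_text("".join(f"define('{k}', '{value.format(k)}');\n" for k in KEYS))
    if hardened:  # 192.0.2.10 is a documentation address, not a real client
        (root / "wp-admin" / ".htaccess").write_text(
            "order deny,allow\ndeny from all\nallow from 192.0.2.10\n")
    ht = root / ".htaccess"
    ht.write_text("<Files wp-config.php>\nOrder Deny,Allow\nDeny from All\n</Files>\n" if hardened else "")
    ht.chmod(0o644 if hardened else 0o666)

if __name__ == "__main__":
    for hardened in (False, True):
        with tempfile.TemporaryDirectory() as tmp:
            build_sample(Path(tmp), hardened)
            print("hardened" if hardened else "stock", audit(Path(tmp)))
```

To check a real install, call audit() with a Path pointing at the directory that holds wp-config.php.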

If you have tips to share here, please leave me a comment and I will post your tips and source.

{ 1 comment }

1 Cedric October 8, 2010 at 1:34 am

I really enjoy reading your blog; just figured I would mention that.
