Security is a top priority. While BurjHost secures the server, you are responsible for securing your WordPress login and installation. Follow these best practices.
1. Use Strong Passwords & Usernames
-
Avoid using "admin" as your username. Use a unique combination of letters, numbers, and symbols for your password.
-
Consider using a password manager.
2. Keep Everything Updated
-
As covered in Article 45, outdated core files, plugins, and themes are the most common way hackers get in. Enable automatic updates where possible.
3. Install a Security Plugin
-
Plugins like Wordfence, Sucuri, or iThemes Security add a firewall, monitor for malicious activity, and can block brute force attacks.
4. Limit Login Attempts
-
By default, WordPress lets you try to log in unlimited times. Security plugins can limit this (e.g., block an IP after 3 failed attempts) to prevent brute force attacks.
5. Use Two-Factor Authentication (2FA)
-
Add an extra layer of security by requiring a code from your phone in addition to your password. Many security plugins offer this feature.
6. Regular Backups
-
Even with the best security, things can happen. Regular backups ensure you can recover quickly. (See Article 49).
