Tips on how to protect your WordPress website in 2017

This is an Article by Hamed Pour, on WordPress Security

See the full article here:

Why WordPress is dominant

WordPress, launched in 2003, has become the most widely used full content management system in the world. It is an open source, community-based system and therefore entirely free.

Ever-improving template options, plug-ins, SEO capability and client portal functionality have been essential to its success, making it competitive with the best proprietary options. Also contributing to its widespread use–bloggers and social media managers are able to host and moderate blogs from a single dashboard using WordPress’s editing tools, permalink structure and integration of HTML.

How to protect your WordPress website against hackers

Your WordPress database is the brain of your website, storing ALL of its information. Unfortunately, this makes it a favorite target for hackers who can easily send malicious code using JavaScript injecting SQL targeting your wp_ based tables.

Many users either forget or aren’t aware that they must change the database prefix when installing WordPress. If they don’t, they’re leaving the door wide open for hackers to change their database prefix, giving them access to launch an attack.

To prevent this, take the following several steps to change the WordPress database prefix–
If you already have a WordPress site, either view your config.php file or go to phpMyAdmin in cPanel to check your tables’ names.
Make a // entry in config.php that displays the WordPress table prefix used in the installation

$table_prefix = ‘wp_’; //. Use only numbers, letters, and underscores!

To make your WordPress site even more secure, change the prefix to something that is difficult to guess. Pick something like a hard-to-crack password, one limited only to numbers, letters, and/or underscores.

Another option is Philipp Heinze’s plugin “wp prefix changer” that he created for However, I prefer the manual approach described above, which I’ve successfully applied to two blogs.

If your prefix is simply wp_, I highly recommend taking the next six steps that I recently tested with a WordPress 2.8 installation–

1. Make a backup

2. Edit your wp-config.php file and make changes, as follows-

3. Change all your WordPress table names

4. Edit wp_options

5. Edit wp_usermeta

See the full article here:

Useful Links:

About the Author

IMAD SCOTLAND Website Design - Website Updating - Internet Marketing Part of the IMAD Scotland Group