HomeSecurity

WordPress Blog Secure Kaise Kare [Security Tips]

Like Tweet Pin it Share Share Email

WordPress – website banane ke liye sabse best and easy CMS (content management system) platform hai isme koi shak nahi. Aap kuch minutes me hi apni self-hosted website bana sakte hain.

Tabhi world me 25% se jyada websites wordpress par create ki jati hain, bloggers ki first choice bhi yahi platform hai.




Magar wordpress par ek aisi problem hai jo hamare new users ko pareshan kar sakti hai, wo hai hacking ki problem. Agar aap wp par new hain to aapke liye yah samjhna jaruri hai ki apni wordpress site ko hacking se kaise safe rakhe.

Hamare New wp users kayi bar security ko lekar aisi mistakes kar dete hain jo unki site hack hone ke chances badha deti hai.

Kyu Hoti hai WordPress site hack?

reason wordpress hack

WordPress website hack hone ke kayi reason ho sakte hain, most of reason aap khud create karte hain, aapki mistakes, aapki carelessness, aapki adhoori knowledge. Kuch aise hi reasons hain:-

  • Weak password
  • ADMIN user name
  • untrusted plugins install karna
  • WordPress update na karna
  • Security plugins install na karna
  • Spam emails open karna
  • Malware software PC me install karna
  • PC me antivirus use na karna
  • Untrusted websites visit karna
  • And More

wordpress security tips




WordPress Site ko kaise Secure kare

Don’t worry, aapko kuch safety tips follow karke apni site ko safe rakh sakte hain. Main yah nahi kah raha ki aap bulletproof safe ho jayenge, magar yes aap kafi had tak apni site ko hack hone se secure rakh sakte hain.

Follow Below Security Tips:

1. Wordpress ko hamesha updated Rakhe

Aapki sabse badi mistake hoti hai wordpress ko regular update na karna. Wordpress ko hamesha update rakhna chaahiye. WordPress team regular security patches update available karti hai jis se security par effect na pade.

Jab bhi wordpress ka new version launch hota hai aapko Dashboard par notification di jati hai, bus aapko single click me wordpress update karna hai.

WordPress ka old version rakhne se hamesha security ka risk rahta hai, new version me wordpress security ko improve kiya jata hai isliye hamesha apne wordpress ko up-to-date rakhe.

2. Untrusted / Non-updated Plugins Install na Kare

WordPress par hazaro plugins available hain aapki har jarurat ko pura karne ke liye. Lekin iska matlab yah nahi ki aap koi bhi plugin install karke use karne lage.

Plugins install karne se pahle us plugin ki popularity aur last update date jarur check kar le. Agar plugin ka review achha nahi hai aur kafi samay se update nahi hui hai to install na kare.




Aisi old non-updated plugin hamari site ko slow kar deti hain aur security ka risk bhi create kar deti hain, isliye aisi plugin avoid kare. Hamesha popular aur regular updated plugin hi use kare.

3. WordPress Username ‘Admin’ na rakhe

Hamare kayi new bloggers jo wordpress join karte hain to jaankari na hone ke karan apna user name ‘Admin’ rakh lete hain. By Default kabhi kabhi yah user name wordpress installation ke samay create ho jata hai.

Jab bhi aap wordpress install karte hain to apna Username different rakhe. Agar aapka Username ADMIN set kiya hai to aap username change kar sakte hain.

4. WordPress site ka Regular Backup le

WordPress par site ka regular Backup lena bahut hi jaruri hota hai. Backup lene se agar aapki site hack ho bhi gayi to bhi aap apni site ko Restore kar sakte hain.

Maine Aapko Vaultpress Backup plugin ke baare me bataya tha jo aapki site ka regular full backup automatic hai. Yah plugin premium hai aur aapko just Rs.3,500 per year spend karna hai.

Agar aap vaultpress purchase nahi kar sakte to don’t worry aapke liye free backup plugins available hai jo aapki site ka Full backup and Restore kar sakti hain.




5: Delete Deactivated Plugin

Jo plugin aapne Deactivate kar rakhi hai usko completely delete kare. Kyunki disable kar dene se plugin delete nahi hoti uski files aapke wp-content folder me store rahti hain.

Plugin ko agar aap kafi samay se use nahi kar rahe hain aur future me bhi nahi karna chahte to aap wo plugin delete kar de.

6. Use Security Firewall Plugin

Jis tarah se hamare PC ke liye Antivirus hota hai usi tarah wordpress par hamari website ki security ke liye firewall plugins available hai. Yah plugins aapki site par hackers ko rokti hain. aapki site ko daily scan karke malware free rakhti hain.

Sabse popular plugins me Wordfence Security, iThemes security and Bulletproof security hai jo free available hain. Ye plugin kafi sari security features ke sath available hain jo aapki site ko safe rakhne me kafi help karti hain.

7: Use Clef Two-Factor Authentication

Aapko Google ke 2-step verification ke baare me to pata hi hoga? Wordpress me bhi aapke liye yah feature available hai plugin ke through.

Clef Two-factor Authentication aisi plugin hai jiski help se aap apni wordpress site me login karne ke liye 2-step authentication enable kar sakte hain.




Jab bhi aap apne site me login karenge aapko PIN enter karna padega. Aap plugin ka setup apne Android smartphone ke sath kar sakte hain.

8. Free Themes Use na kare

Kya aap free wordpress theme ka use karte hain. Ek serious blogger aisa nahi kar sakta, Free theme kabhi bhi update nahi hoti aur yahi hacker ko chance mil jata hai aapki site ko tabaah karne ka.

Main aapko suggest karunga ki trusted sites se Premium theme hi purchase kare, premium theme me koi unwanted coding nahi hoti aur fully clean aur regular update rahti hain.

Aap Themeforest, Mythemeshop, Elegantthemes, Theme-junkie and Thrive Themes jaise popular sources se theme purchase kar sakte hain.

9. Apna Computer Virus free Clean Rakhe

Apna computer hamesha virus/malware free rakhe. Popular Antivirus software install karke regular scan kare apna PC. Kabhi bhi untrsuted software apne PC par install na kare.

Agar aapka PC virus se infect hoga to hackers ke liye easy rahata hai aapke computer ko control karna.

10. Strong Password Rakhe

WordPress Login password hamesha strong rakhe. Most of new bloggers apna password 12344, Abcd1314 ya fir short rakhte hai. Ye passwords ko koi bhi guess kar sakte hain.

Hackers aapki site ko hack karne ke liye kayi tools use karte hain jo ek sath thousands login ID and passwords generate karte hain aur aapke wordpress account ko open karne ke liye automatic login details me add hote hain.

Aapka Password hamesha hard aur long hona chahiye. 15-16 character ka password rakhe aur usme A,a@,!,$,%,*,& jaise special character ka sue jarur kare. Aap password manager ka use kar sakte hain.

11. Untrusted site/email open na kare

Apne PC par koi bhi untrusted email ko kabhi bhi open na kare, ho sakta hai kisi hacker ne ise aapke paas send kiya ho aur usme track file ho. Aise email ko dekhte hi delete kar de.

Kabhi bhi untrusted sites par visit na kare. Hamesha trusted sources se hi free software download kare.

12. Use trusted Hosting

Low quality and non-popular hosting aapke liye headache ban sakti hai. Aisi hosting par na aapko best services milti hai aur na hi support. Sath hi security ke liye koi arrangement nahi hota.

Aapko hamesha popular and trusted hosting company se hosting purchase karni chahiye, Hostgator, Bluehost, Siteground jaisi hosting choose kare jo world class hosting provide karti hain.

13. Limit Login Attempt

wordpress par Login attempt ko limit karne se aap Brute-force attack se apni site save kar sakte hain. Jab bhi koi aapki site par login limit ko cross karega uska IP address block ho jayega.

Login attempt ko limit karne ke liye aap Login Lockdown, WP limit login attempt plugins install kar sakte hain.

14. Hide Login Page

Bydefault har wordpress site ka Login address “www.yourwebsite.com/wp-admin/” or “www.yourwebsite.com/wp-login.php” hota hai. hackers ke liye aapki login address janana bahut easy rahta hai.

Login Page ko Hide karne se koi bhi aapke login address ko track nahi kar sakte aur login page access nahi kar sakta. Login page Hide karne ke liye:

  • Rename wp-login php: Aap is plugin se apna Login page change kar sakte hain. Plugin Activate karne ke baad dono default login address inaccessible ho jayenge.
  • Hide login+: Is plugin se aap Login page, forgot password page, Admin area and Logout page ka name change kar sakte hain.

15. Remove WordPress Version Number

By Default aapki site me wordpress version publically show karta hai. Agar aapne wordpress update nahi kiya hai to hackers aapka wordpress version jaankar aapki site ko hack kar sakte hain.

Aapko wordpress version Remove kar dena chahiye. Aap Remove version Plugin install kar sakte hain. Ya fir below code apni theme ke “functions.php” me insert kar version remove kar sakte hain.

remove_action('wp_head', 'wp_generator');

16. Site ko Regular Scan Kare

Apni website ko regular scan kare, jis se koi bhi hacking attempt hone par aap jaruri actions le sake.

Scan karne se aapki site me malware hai ya nahi iska pata chalta hai. Aap site ko Scanning plugins se scan kar sakte hain.

WordPress me site scan karne ke liye Theme authenticity checker, Ultimate security checker, plugin available hai. Aap online Sucuri site check, Codeguard par bhi scanning kar sakte hain.

17. Use Cloudflare Free CDN

Cloudflare aapki site ko brute force attack, Spam visitors and other hacking attempt se secure rakhta hai. Sath hi aapki site ko cache kar fast banata hai.

Cloudflare free CDN sabhi popular hosting free provide karti hain, aap apne hosting Cpanel se free cloudflare activate kar sakte hain.

Advance Tip

Conclusion

Main aapko bus yahi suggest karunga Strong password use kare, best hosting and theme use kare, Daily site ka backup le aur site ke liye special security plugin ka use kare. That;s it!

Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *