{"id":4929,"date":"2017-07-27T00:00:00","date_gmt":"2017-07-27T00:00:00","guid":{"rendered":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/"},"modified":"2024-08-13T15:22:52","modified_gmt":"2024-08-13T13:22:52","slug":"wordpress-security","status":"publish","type":"post","link":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/","title":{"rendered":"WordPress Hack: 19 Ways to Keep Your Site Secure Against Hackers"},"content":{"rendered":"\n<p><strong>WordPress now powers more than 25% of the world\u2019s websites and almost 50% of the world&#8217;s e-commerce websites &#8211; that&#8217;s a big responsibility for an open source project! WordPress\u2019s simplicity and versatility as a blogging platform, CMS, and web app framework is what makes it so popular, but with so much popularity comes significant risks \u2013 such as keeping it secure.<\/strong> <strong>Find out how to protect your website from hackers.<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" data-src=\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\" alt=\"Checklist on how to prevent WordPress hacks\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" class=\"lazyload\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">How secure is WordPress? <\/h2>\n\n\n\n<p>Based on my experience with WordPress and statistics, <strong>the platform is as safe as any other web platform<\/strong>. It\u2019s not WordPress&#8217;s fault if website admins don\u2019t take the simple steps to at least update the core and\/or plugins and themes that need to be updated.<\/p>\n\n\n\n<div class=\"wp-block-group has-background\" style=\"background-color:#b1c3b7\"><div class=\"wp-block-group__inner-container is-layout-constrained wp-block-group-is-layout-constrained\">\n<p class=\"has-text-align-center has-background\" style=\"background-color:#b1c3b7;font-size:18px\">Join our freelancer community today! <br>Create your profile in just 2 minutes and start attracting new clients.<\/p>\n\n\n<div class=\"su-button-center\"><a href=\"https:\/\/www.freelancermap.com\/registration?ref=blog-com-wordpress-security\" class=\"su-button su-button-style-default\" style=\"color:#222222;background-color:#FCF2DB;border-color:#cac2b0;border-radius:20px\" target=\"_self\"><span style=\"color:#222222;padding:0px 20px;font-size:16px;line-height:32px;border-color:#fdf6e6;border-radius:20px;text-shadow:none\"> <strong>Sign up for free<\/strong><\/span><\/a><\/div><\/br><\/p>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Why WordPress is on the good side of fighting off hackers<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>It is updated often (WordPress core itself and plugins\/theme associated)<\/li>\n\n\n\n<li>It takes things seriously: when vulnerability is reported the WordPress contributors and core of developers usually fix the issue in a matter of hours or very few days<\/li>\n\n\n\n<li>WordPress core is open source and its code can be reviewed for issues by the whole world<\/li>\n\n\n\n<li>The core also has bug bounty programs<\/li>\n\n\n\n<li>They have a security team always available and ready 24\/7<\/li>\n\n\n\n<li>They have set standards (coding references) on how a developer who wants to extend WordPress using plugins\/themes should do this.<\/li>\n<\/ul>\n\n\n\n<p>It\u2019s fair to say that WordPress takes the issue of security very seriously. Even some bigger companies don\u2019t have this kind of organization when it comes to dealing with security, proactively and reactively.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Is WordPress 100% safe?<\/h2>\n\n\n\n<p>Unfortunately, not. Indeed WordPress is doing a great job on fighting off security issues, vulnerabilities on the core, etc. but still there is the possibility of bugs\/exploitation points that a dedicated hacker might use to gain access to private information or even take over the website completely! However, at the least WordPress is as safe as any other platform in the wild west of CMS-s.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Tips on how to protect your WordPress website from hackers<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>1) Keep everything up to date (WordPress Core, Plugins and Themes)<\/strong><\/h3>\n\n\n\n<p>Based on stats, the most used attack vector for hackers against WordPress based websites, have been outdated plugins, themes and the WordPress core itself. We all remember the TimThumb issue which affects a lot of websites a few years ago since it was a library integrated into hundreds of plugins and themes. To protect against such vulnerability the solution was easy, update the plugin\/s, theme\/s that were affected.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>2) Change all WordPress defaults<\/strong><\/h3>\n\n\n\n<p>Start by not using admin as the username for the admin of your website. Change the WordPress table&#8217;s prefix. Change WordPress salt keys (you can change the WordPress salt keys on wp-config.php).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>3) Use a strong password<\/strong><\/h3>\n\n\n\n<p>WordPress, as all other CMS-s by default, is vulnerable to brute-force attacks (we will come to how to deal with those soon), so first of all, use a hard-to-guess password. Use a password that contains numbers, characters, and special characters. A password of more than 12 characters composed of numbers, characters and special characters (@#!, etc.) is very hard to break for most hackers.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>4) Activate dual-factor authentication<\/strong><\/h3>\n\n\n\n<p>WordPress by default (as most of the other big CMS-s) does not offer a default 2FA system. However, integrating it into the platform is not such a big deal anymore.<\/p>\n\n\n\n<p>For more information on this, you can read the official <a href=\"https:\/\/codex.wordpress.org\/Two_Step_Authentication\" target=\"_blank\" rel=\"noreferrer noopener\">WordPress tutorial here.<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>5) Never use nulled themes\/plugins<\/strong><\/h3>\n\n\n\n<p>We have to admit it though, we all have used a nulled theme and\/or plugin at least once. The thing is, we can\u2019t expect WordPress to protect us from ourselves, we can\u2019t expect everything to work correctly when we don\u2019t know what plugin have we installed on our website.<\/p>\n\n\n\n<p>Based on stats, nulled plugins\/themes are one of the most used attack vectors from hackers to gain access to a WordPress based website. So if you want your website to be safe, especially in a production environment, never install a nulled theme or plugin.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>6) Always install themes\/plugins from trusted sources<\/strong><\/h3>\n\n\n\n<p>This is complementary to the previous security checklist item (never use nulled themes and plugins). When you install a WordPress theme from WordPress theme directory, that theme has been manually reviewed by the WordPress Theme Review Team so it should be good to use.<\/p>\n\n\n\n<p>A theme that you download from another source might not be reviewed at all might even contain some malicious code inside \u2013 and the same goes for when you need to choose a plugin. Another thing to keep in mind here, WordPress is evolving daily. So when you are about to choose a plugin for example from WordPress Plugins directory, always see when was the last time that the plugin was updated.<\/p>\n\n\n\n<p>A plugin that has not been updated in a while (more than 1 year for example) should be treated with suspicion. It could be that the developer has abandoned it as a project and in the future, you might be end-up using an outdated plugin, which means a possible vulnerability in the future.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>7) Remove all un-used plugins\/themes<\/strong><\/h3>\n\n\n\n<p>Remove all unneeded and unused plugins and themes. Even deactivated plugins might have security problems. Even though the plugin might be deactivated a hacker might use it as an attack vector, if he finds a vulnerability in that plugin he will use it against you.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>8) Properly configure files and folder permissions<\/strong>&nbsp;<\/h3>\n\n\n\n<p>All directories should be 755 or 750 &#8211; All files should be 644 or 640 &#8211; wp-config.php should be 600<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>9) Harden protection of wp-config and htaccess file<\/strong><\/h3>\n\n\n\n<p>Use this code:<\/p>\n\n\n\n<p>&lt;files wp-config.php&gt;<br>Order allow,deny<br>deny from all<br>&lt;\/files&gt;<\/p>\n\n\n\n<p>&lt;files .htaccess&gt;<br>order allow,deny<br>deny from all<br>&lt;\/files&gt;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>10) Security by Obscurity<\/strong><\/h3>\n\n\n\n<p>Now there are some people that say Security by Obscurity is not a real protection layer for your website, but in my opinion, it is.<\/p>\n\n\n\n<p>After all, security is a concept &#8211; it just means making things harder for anyone that is trying to gain access to your website for whatever motive. Based on this &#8220;definition&#8221;, if security by obscurity helps make things harder, then why not use the added layer of protection.<\/p>\n\n\n\n<p>&#8211; Hide wp-admin and other login related url-s: The WordPress default login url is wp-admin and or wp-login.php. Hiding it would make it harder for hackers to brute-force their way on the backend of your website. Most of the hackers use automated tools (scanning tools, bots) to try your website for possible security problems, so hiding wp-admin would make their automated tests, automatically fail. No more brute-force problems!<\/p>\n\n\n\n<p>&#8211; If not needed disable author archives and\/or don\u2019t show author username in posts. By showing the username of the author who posted a post, you have immediately told the hacker your username. So if you are the only author on your website it could be better to just disable author archives completely, remove links to author archives in the theme, modify your theme so it doesn\u2019t show the author archive or at least doesn\u2019t show the author username in the front end.<\/p>\n\n\n\n<p>&#8211; Disable Directory Indexing and Browsing: When a folder has no index.html\/index.php file and if that folder is accessed via a web browser, a list of files\/folders will be shown. This can pose a security problem since it might expose the plugins\/themes used on your website. A dedicated hacker might use this info to search for vulnerabilities on these plugin\/s theme\/s and then achieve his goal of gaining access to your website.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>11) Limit login attempts<\/strong><\/h3>\n\n\n\n<p>By default, WordPress does not have this feature integrated into its core, but there are a lot of plugins we can use to implement this feature in order to eliminate brute-force attempts on our website:<br>&#8211; Limit Login Attempts<br>&#8211; iThemes Security 1<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>12) Remove WordPress related info from the front end<\/strong><\/h3>\n\n\n\n<p>Hackers use automated tools to scan websites for vulnerabilities. Initially, they do a scan to just identify the CMS and\/or other libraries used on the website, then when they know the CMS used they try a different kind of vulnerability attack for that kind of CMS and see if 1 of them helps them to gain access to your website (all of this is automated). So that\u2019s why giving the less info possible to the hackers is always a good idea.<\/p>\n\n\n\n<p>Add this code on your functions.php inside your active theme: remove_action(&#8216;wp_head&#8217;, &#8216;wp_generator&#8217;);<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>13) Configure user roles correctly<\/strong><\/h3>\n\n\n\n<p>In the case of your website having a registration form, always configure the user role for the new users correctly. WordPress by default adds the new users in the user role Subscriber, which is good in the security point of view. If you decide that you need to change this though, select the user role of the newly added users correctly.<\/p>\n\n\n\n<p>Always keep in mind the principle of least privilege. Everyone should have the privilege to access only what he should have to, a simple user doesn\u2019t need to have access to plugins\/themes for example.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>14) Disable editing of plugins\/themes from backend<\/strong>&nbsp;<\/h3>\n\n\n\n<p>define( &#8216;DISALLOW_FILE_EDIT&#8217;, true ); By adding this code on wp-config.php, you disable the theme and plugin editor in backend. No one (including the admin user) will be able to edit themes or plugins from the backend.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>15) Disable errors from showing on production server<\/strong><\/h3>\n\n\n\n<p>Now while we work on development environments we need to have errors shown or at least logged somewhere so we can debug problems showing while developing. In a production environment it is recommended not to show errors or log them, or if we need to log them the log file shouldn\u2019t be accessible via browser or it would give the hackers a way for them to identify possible issues with our website and use that against us.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>16) Disable XML-RPC<\/strong><\/h3>\n\n\n\n<p>XML-RPC is one of the least used features in my opinion. XML-RPC can be used for a lot of things but the thing it is used for more and more is used to hack your website. So disabling it (until WordPress decides to remove its support), could be a good idea.<\/p>\n\n\n\n<p>After all, some of the features that XML-RPC covers, now or in the future will be completely covered from the new WordPress REST API which should in one way or another minimize the need to keep using XML-RPC.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>17) Use a good hosting company<\/strong><\/h3>\n\n\n\n<p>Now one of the main attack vectors used on WordPress websites is the hosts being configured incorrectly. For example, you are on a shared host, one of the other websites hosted on the same host as you gets hacked and the malware spreads even on the other websites hosted on that same host.<\/p>\n\n\n\n<p>Usually this shouldn\u2019t happen:&nbsp;usually, malwares shouldn\u2019t access files\/folder above the root of their current website, but if this happens it means that something is badly configured from the hosting company. Normally good hosting company don\u2019t do this kind of mistakes so before deciding where to host your website, always see reviews.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>18) Use security plugins for WordPress <\/strong><\/h3>\n\n\n\n<p>I wouldn\u2019t want my recommendations here to look like an affiliation with these plugins. I\u2019m basing my recommendations firstly on personal experience than from global feedback. I would recommend using these plugins\/tools to protect your website:<br>&#8211; iThemes Security (security plugin)<br>&#8211; Sucuri Security (security plugin)<br>&#8211; WordFence Security (security plugin)<br>&#8211; Cloudflare (CDN and Firewall)<\/p>\n\n\n\n<p>For the full list of features that each plugins has i would advise to check out each plugin since there are a lot more features then I can cover here!<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>19) Be pro-active when it comes to being safe<\/strong><\/h3>\n\n\n\n<p>When it comes to security, we have an axiom: there is no 100% being safe in the information world. No matter how hard we try, how many layers of security we add, we might go to 99% but never 100%. That\u2019s because there are still a lot of factors not in our hands.<\/p>\n\n\n\n<p>If one of those elements is vulnerable the whole system is vulnerable. Having said that, we need to always be proactive, in other words to be ready for whatever it comes, whenever it comes. By being ready I mean at least having a backup in place and having a plan of action on how to deal when bad things happen.<\/p>\n\n\n\n<p>Regarding the backup, there is no 1 rule for all since there are very high traffic sites that might need a backup every day, there are others that might need backup every week, etc. But i will leave that to you to choose the right backup for you based on your experience. I would recommend though to have a backup at least in two copies and well don\u2019t just do the backups, test them also from time to time (at least).<\/p>\n\n\n\n<p>You need to know the backup you have is ready to be restored if anything happens, you can\u2019t afford to do the restore test on live website if the backup you have is not correct.<\/p>\n\n\n\n<p>As for how to deal when you get hacked (plan of action) since it\u2019s a very broad topic it could be better if i write another article for that specific topic.<\/p>\n\n\n\n<p>Until then, I hope you liked this post and hope it helps you making your WordPress website even safer!<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.freelancermap.com\/registration?ref=blog-com-wordpress-security\"><img decoding=\"async\" width=\"1024\" height=\"297\" data-src=\"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up.png\" alt=\"Looking for freelance projects? Register for free on freelancermap and land new clients a 0% commission fees\" class=\"wp-image-42927 lazyload\" data-srcset=\"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up.png 1024w, https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up-300x87.png 300w, https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up-768x223.png 768w, https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up-720x209.png 720w, https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up-580x168.png 580w, https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2024\/07\/cta-blog-freelancermap-sign-up-320x93.png 320w\" data-sizes=\"(max-width: 1024px) 100vw, 1024px\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 1024px; --smush-placeholder-aspect-ratio: 1024\/297;\" \/><\/a><\/figure>\n\n\n\n<p>Also interesting:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>WordPress now powers more than 25% of the world\u2019s websites and almost 50% of the world&#8217;s e-commerce websites &#8211; that&#8217;s a big responsibility for an open source project!  WordPress\u2019s simplicity and versatility as a blogging platform, CMS, and web app framework is what makes it so popular, but with so much popularity comes significant risks \u2013 such as keeping it secure.<\/p>\n","protected":false},"author":3079,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","footnotes":""},"categories":[3407,3006],"tags":[3726],"class_list":["post-4929","post","type-post","status-publish","format-standard","hentry","category-management","category-marketing","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>WordPress: 19 Ways to Secure Your Website Against Hackers<\/title>\n<meta name=\"description\" content=\"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress: 19 Ways to Secure Your Website Against Hackers\" \/>\n<meta property=\"og:description\" content=\"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Freelancer Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/freelancermapInternational\/\" \/>\n<meta property=\"article:published_time\" content=\"2017-07-27T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-13T13:22:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\" \/>\n<meta name=\"author\" content=\"Arber Braja\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@freelancer_INT\" \/>\n<meta name=\"twitter:site\" content=\"@freelancer_INT\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Arber Braja\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\"},\"author\":{\"name\":\"Arber Braja\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/92e6502037e3eda421129baa9f8b16cc\"},\"headline\":\"WordPress Hack: 19 Ways to Keep Your Site Secure Against Hackers\",\"datePublished\":\"2017-07-27T00:00:00+00:00\",\"dateModified\":\"2024-08-13T13:22:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\"},\"wordCount\":2294,\"publisher\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\",\"keywords\":[\"Security\"],\"articleSection\":[\"Management\",\"Marketing &amp; Clients\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\",\"url\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\",\"name\":\"WordPress: 19 Ways to Secure Your Website Against Hackers\",\"isPartOf\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\",\"datePublished\":\"2017-07-27T00:00:00+00:00\",\"dateModified\":\"2024-08-13T13:22:52+00:00\",\"description\":\"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage\",\"url\":\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\",\"contentUrl\":\"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.freelancermap.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Hack: 19 Ways to Keep Your Site Secure Against Hackers\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#website\",\"url\":\"https:\/\/www.freelancermap.com\/blog\/\",\"name\":\"Freelancer Blog\",\"description\":\"Tips &amp; Practical Advice for Freelancers and IT professionals\",\"publisher\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.freelancermap.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#organization\",\"name\":\"freelancermap.com\",\"url\":\"https:\/\/www.freelancermap.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2025\/02\/freelancermap-black-logo@4x.png\",\"contentUrl\":\"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2025\/02\/freelancermap-black-logo@4x.png\",\"width\":1044,\"height\":145,\"caption\":\"freelancermap.com\"},\"image\":{\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/freelancermapInternational\/\",\"https:\/\/x.com\/freelancer_INT\",\"https:\/\/www.linkedin.com\/company\/freelancermap-gmbh\/\",\"https:\/\/www.instagram.com\/freelancermap_int\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/92e6502037e3eda421129baa9f8b16cc\",\"name\":\"Arber Braja\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/248bb1a25d0c4147c4f6d4f2e7cf7cd1?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/248bb1a25d0c4147c4f6d4f2e7cf7cd1?s=96&d=mm&r=g\",\"caption\":\"Arber Braja\"},\"description\":\"Arber Braja is a Frontend Team Leader working at Manoolia, a Web Development agency and he also runs his own Web Development agency and consults regarding Web Design, Web Development, SEO and Web Security at arbraja.com.\",\"sameAs\":[\"http:\/\/www.arbraja.com\"],\"url\":\"https:\/\/www.freelancermap.com\/blog\/author\/arber-braja\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WordPress: 19 Ways to Secure Your Website Against Hackers","description":"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/","og_locale":"en_US","og_type":"article","og_title":"WordPress: 19 Ways to Secure Your Website Against Hackers","og_description":"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.","og_url":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/","og_site_name":"Freelancer Blog","article_publisher":"https:\/\/www.facebook.com\/freelancermapInternational\/","article_published_time":"2017-07-27T00:00:00+00:00","article_modified_time":"2024-08-13T13:22:52+00:00","og_image":[{"url":"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg"}],"author":"Arber Braja","twitter_card":"summary_large_image","twitter_creator":"@freelancer_INT","twitter_site":"@freelancer_INT","twitter_misc":{"Written by":"Arber Braja","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#article","isPartOf":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/"},"author":{"name":"Arber Braja","@id":"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/92e6502037e3eda421129baa9f8b16cc"},"headline":"WordPress Hack: 19 Ways to Keep Your Site Secure Against Hackers","datePublished":"2017-07-27T00:00:00+00:00","dateModified":"2024-08-13T13:22:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/"},"wordCount":2294,"publisher":{"@id":"https:\/\/www.freelancermap.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage"},"thumbnailUrl":"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg","keywords":["Security"],"articleSection":["Management","Marketing &amp; Clients"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/","url":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/","name":"WordPress: 19 Ways to Secure Your Website Against Hackers","isPartOf":{"@id":"https:\/\/www.freelancermap.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage"},"image":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage"},"thumbnailUrl":"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg","datePublished":"2017-07-27T00:00:00+00:00","dateModified":"2024-08-13T13:22:52+00:00","description":"As a freelancer, you probably have a website based on WordPress. Discover 19 tips on how to protect it from hackers.","breadcrumb":{"@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.freelancermap.com\/blog\/wordpress-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#primaryimage","url":"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg","contentUrl":"https:\/\/freelancermap.s3.eu-west-1.amazonaws.com\/channel_incl1\/wordpress--18-ways-to-keep-your-site-secure-against-hackers-4929.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.freelancermap.com\/blog\/wordpress-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.freelancermap.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Hack: 19 Ways to Keep Your Site Secure Against Hackers"}]},{"@type":"WebSite","@id":"https:\/\/www.freelancermap.com\/blog\/#website","url":"https:\/\/www.freelancermap.com\/blog\/","name":"Freelancer Blog","description":"Tips &amp; Practical Advice for Freelancers and IT professionals","publisher":{"@id":"https:\/\/www.freelancermap.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.freelancermap.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.freelancermap.com\/blog\/#organization","name":"freelancermap.com","url":"https:\/\/www.freelancermap.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.freelancermap.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2025\/02\/freelancermap-black-logo@4x.png","contentUrl":"https:\/\/www.freelancermap.com\/blog\/wp-content\/uploads\/2025\/02\/freelancermap-black-logo@4x.png","width":1044,"height":145,"caption":"freelancermap.com"},"image":{"@id":"https:\/\/www.freelancermap.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/freelancermapInternational\/","https:\/\/x.com\/freelancer_INT","https:\/\/www.linkedin.com\/company\/freelancermap-gmbh\/","https:\/\/www.instagram.com\/freelancermap_int\/"]},{"@type":"Person","@id":"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/92e6502037e3eda421129baa9f8b16cc","name":"Arber Braja","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.freelancermap.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/248bb1a25d0c4147c4f6d4f2e7cf7cd1?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/248bb1a25d0c4147c4f6d4f2e7cf7cd1?s=96&d=mm&r=g","caption":"Arber Braja"},"description":"Arber Braja is a Frontend Team Leader working at Manoolia, a Web Development agency and he also runs his own Web Development agency and consults regarding Web Design, Web Development, SEO and Web Security at arbraja.com.","sameAs":["http:\/\/www.arbraja.com"],"url":"https:\/\/www.freelancermap.com\/blog\/author\/arber-braja\/"}]}},"taxonomy_info":{"category":[{"value":3407,"label":"Management"},{"value":3006,"label":"Marketing &amp; Clients"}],"post_tag":[{"value":3726,"label":"Security"}]},"featured_image_src_large":false,"author_info":{"display_name":"Arber Braja","author_link":"https:\/\/www.freelancermap.com\/blog\/author\/arber-braja\/"},"comment_info":0,"category_info":[{"term_id":3407,"name":"Management","slug":"management","term_group":0,"term_taxonomy_id":3407,"taxonomy":"category","description":"<span data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Freelancer tips for increasing productivity, developing systems and strategies, staying disciplined and managing a business efficiently. Business tools, business resources and more!&quot;}\" data-sheets-userformat=\"{&quot;2&quot;:4865,&quot;3&quot;:{&quot;1&quot;:0},&quot;11&quot;:4,&quot;12&quot;:0,&quot;15&quot;:&quot;Roboto&quot;}\">Freelancer tips for increasing productivity, developing systems and strategies, staying disciplined, and managing a business efficiently. Business tools, resources, and more!<\/span>","parent":0,"count":45,"filter":"raw","cat_ID":3407,"category_count":45,"category_description":"<span data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Freelancer tips for increasing productivity, developing systems and strategies, staying disciplined and managing a business efficiently. Business tools, business resources and more!&quot;}\" data-sheets-userformat=\"{&quot;2&quot;:4865,&quot;3&quot;:{&quot;1&quot;:0},&quot;11&quot;:4,&quot;12&quot;:0,&quot;15&quot;:&quot;Roboto&quot;}\">Freelancer tips for increasing productivity, developing systems and strategies, staying disciplined, and managing a business efficiently. Business tools, resources, and more!<\/span>","cat_name":"Management","category_nicename":"management","category_parent":0},{"term_id":3006,"name":"Marketing &amp; Clients","slug":"marketing","term_group":0,"term_taxonomy_id":3006,"taxonomy":"category","description":"<span data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Marketing tips for freelancers and entrepreneurs. Learn how to market yourself, how to attract the right clients, or how to leverage social media or e-mail marketing! &quot;}\" data-sheets-userformat=\"{&quot;2&quot;:4865,&quot;3&quot;:{&quot;1&quot;:0},&quot;11&quot;:4,&quot;12&quot;:0,&quot;15&quot;:&quot;Roboto&quot;}\">Marketing tips for freelancers and entrepreneurs. Learn how to market yourself, how to attract the right clients, or how to leverage social media or e-mail marketing! <\/span>","parent":0,"count":150,"filter":"raw","cat_ID":3006,"category_count":150,"category_description":"<span data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Marketing tips for freelancers and entrepreneurs. Learn how to market yourself, how to attract the right clients, or how to leverage social media or e-mail marketing! &quot;}\" data-sheets-userformat=\"{&quot;2&quot;:4865,&quot;3&quot;:{&quot;1&quot;:0},&quot;11&quot;:4,&quot;12&quot;:0,&quot;15&quot;:&quot;Roboto&quot;}\">Marketing tips for freelancers and entrepreneurs. Learn how to market yourself, how to attract the right clients, or how to leverage social media or e-mail marketing! <\/span>","cat_name":"Marketing &amp; Clients","category_nicename":"marketing","category_parent":0}],"tag_info":[{"term_id":3726,"name":"Security","slug":"security","term_group":0,"term_taxonomy_id":3726,"taxonomy":"post_tag","description":"","parent":0,"count":1,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/posts\/4929"}],"collection":[{"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/users\/3079"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/comments?post=4929"}],"version-history":[{"count":2,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/posts\/4929\/revisions"}],"predecessor-version":[{"id":43542,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/posts\/4929\/revisions\/43542"}],"wp:attachment":[{"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/media?parent=4929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/categories?post=4929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freelancermap.com\/blog\/wp-json\/wp\/v2\/tags?post=4929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}