3. Change your site's login URL

[zihadhasan012]

That is, a bank containing several combinations of usernames and passwords. When one of them matches, the attacker can enter your website.

Hence the need to replace the URL and eliminate malaysia mobile database the chances of that happening. To do so, use the iThemes security plugin , which allows you to change /wp-admin/ to any other of your choice.

4. Protect the wp-config.php file further
Wp-config.php is a file that contains information about the WordPress installation , it is the most important file on your website, therefore, it must be the most protected against virtual attacks .

Making this file inaccessible is very simple. You just need to move the wp-config.php file to a higher level within your root directory .

WordPress' architecture allows the server to access the file even if it's somewhere else. Hackers won't see it, but WordPress will.

5. Increase protection of the wp-admin directory
Speaking of wp-admin, we must remember that it is the main directory of your WordPress site, so it can be completely corrupted if that part is breached. Therefore, try to protect it with a password so that only the site administrator can access it.

This causes the login page, in addition to displaying a username and password, to also request a second password to grant access.

There are plugins, such as AskApache Password Protect (from the Apache corporation ), that are designed to protect this area. But you can also opt for two-factor authentication, which we'll discuss below.