Best Way to Protect Your WordPress Blog from Malware

OnaDavney

New member
Joined
Nov 9, 2013
Messages
11
Points
0
One of my Wordpress blog infected with malware and I have to do some things like re-installed a new fresh copy of Wordpress, remove any plugins and doubting they are sources that virus came..etc

I would like to know some TIPs to protect my Wordpress blog from malware? what are your experience?
 

HCFGrizzly

New member
Joined
Jan 8, 2016
Messages
125
Points
0
One of my Wordpress blog infected with malware and I have to do some things like re-installed a new fresh copy of Wordpress, remove any plugins and doubting they are sources that virus came..etc

I would like to know some TIPs to protect my Wordpress blog from malware? what are your experience?
Your best course of action would be to throw WordPress out of your web server and implement a custom solution.
Even though WordPress has become more and more secure over time, there are still lots of plugins that are begging for hackers to attack your website.
Now I know that probably not using WordPress is not an option for you and because of that you should start by reading this article:

http://codex.wordpress.org/Hardening_WordPress
 

hmb-robert

New member
Joined
Jan 5, 2016
Messages
32
Points
0
Now a days wordpress provides many security and maleware scan plugins. You can easily install them using one click plugin installation option provided by wordpress.
 

velvet

New member
Joined
Feb 14, 2016
Messages
56
Points
0
Hi OnaDavney,
I use both the WordFence plugin, and the following.

And of course use long generated passwords!

cheers, Mal.
 
Last edited by a moderator:

Ron Killian

New member
Joined
Dec 3, 2015
Messages
804
Points
0
I put in another vote for Wordfence. Also helps to keep out the bad guys, like those trying to figure out your password. Well, they are bots, but it helps with that aspect.

Also, obviously very important to keep wordpress, plugins and theme's up to date.

On a side note, having a good host can help. I get emails from mine (automatic), letting me know when new potential problems arise. Also alerts for suspicious files.
 

SenseiSteve

Active member
Joined
Nov 11, 2015
Messages
215
Points
28
One of the things I like about WordFence is, first, the scan, but also the problem notifications, like plugins that need to be updated. Get rid of the admin user for administrator and use long passwords.
 

vishwa

Well-known member
Joined
May 12, 2014
Messages
1,144
Points
63
Yes, Wordfence is really a great plugin for protect your site from hacking and spam. However I believe that we all have to take precautions to protect the site manually for example change your passwords frequently, Don't use nulled themes and plugins, update/replace outdated plugins, monitor your traffic logs etc.. will help you a lot.
 

Localnode

Member
Joined
Dec 15, 2015
Messages
96
Points
18
You can also restrict access to the admin area to a specific IP.
Replace "xx.xxx.xxx.xxx" with your IP
Code:
# BEGIN RESTRICTION
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^xx.xxx.xxx.xxx$
RewriteRule ^(.*)$ - [R=403,L]
# END RESTRICTION
If you've changed the admin area (which you should) the above code should reflect those changes.
 

ElixantTechnology

New member
Joined
Nov 26, 2014
Messages
622
Points
0
First of all, don't use any "nulled" or "free download" templates or plugins from third-parties. A lot of the times these downloads are released with the malware hidden within. Next, ensure that you are following best practices for security.
 
Recommended threads

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top