How to Secure WordPress – Infographic

Secure WordPress

WordPress has 68% market share as a CMS and powers 20% of the web. WordPress is free to use and is an open-source system. Many developers are working to improve WordPress daily.

The flip side is some hackers are trying to exploit WordPress security vulnerabilities.

WordPress is hacked more often than any other CMS due to its popularity.

The below infographic shows some simple tips to make WordPress more secure. Remember, you can never guarantee 100% safety when it comes to the online world but, the more precautions you take the less likely your site will get hacked.

Secure WordPress

Infographic source: Your Escape From 9 to 5

Start with a Strong Username and Password

Please make sure you are not using the default ‘admin’ username as it is the most likely username hacker’s target. Strengthen all your passwords including emails.

Hosting, Themes, and Plugins

42% of WordPress sites get hacked because of security issues with the host. So review your host, themes, and plugins. Remove unwanted themes and plugins. Test your host’s backups so you can recover if you are ever hacked.

Keep WordPress Up to Date

The most common reason a new WordPress version is made available is due to security patches and updates. So by not updating your WordPress site, you are inviting trouble or maybe hackers. You should also keep plugins and themes updated.

Restrict Unsuccessful Login Attempts

Use a simple WordPress plugin like LoginLockDown to restrict the number of failed login attempts from any given IP range within a pre-defined amount of time.

Use a Content Delivery Network’s (CDN) Firewall

A CDN can not only speed up your website speed but it can also act as a firewall between your host and the rest of the web. The more barriers the better chance of your site being skipped by an intruder.

Consider Two Factor Authentication (2FA)

Some banks use SMS codes as an additional security measure on top on the regular username and password as a means of two-factor authentication. Depending on the data you are trying to protect on your site like credit card information on an eCommerce site you can consider using 2FA.


If you think a small WordPress site is useless to hackers, you may be right. But hackers are not trying to get access to one site they want to control 100s if not 1000s of sites for their illicit activities online. Safeguarding your WordPress site is a proactive measure as you need to strengthen the wall before the war or else you will be breached.

Featured photo credit: Cent Muruganandam via


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.