• Home
  • Cisco
  • BackTrack
  • Windows
  • Internet
  • WordPress
  • PhotoShop
Search
Sign in
Welcome! Log into your account
Forgot your password? Get help
Password recovery
Recover your password
A password will be e-mailed to you.
Rumy IT Tips
  • Home
  • Cisco
  • BackTrack
  • Windows
  • Internet
  • WordPress
  • PhotoShop
Home Internet How to Secure your WordPress login page

How to Secure your WordPress login page

Facebook
Twitter
Pinterest
WhatsApp

    How-to-Secure-your-WordPress-login-page

    How to Secure your WordPress login page :-

    Hackers are always trying to do brute-force attack on your WordPress login page to hack your site.

    A Brute Force Attack is when a hacker tries many combinations of usernames and passwords until they succeed in guessing the right combination.

    Due to the fact that at any one time there may be many concurrent login attempts occurring on your site via malicious automated robots, this also has a negative impact on your server’s memory and performance.

    Today i am going to show you How to Secure your WordPress login page ?

    1. Stealth Login Page

    Protect your dashboard with a game-changing authorization code. The login form will never be the same again.

    What it does :-

    Without locking down access via IP address or file permissions, this plugin creates a secret login authorizaiton code. Those who do not enter this additional authorization will be automatcally redirected to a customizable URL.

    This is the first plugin that blocks external bot login requests – login requests must comply with the full login sequence or the request is rejected.

    Download and install this plugin, Now go to the Settings > enable the Stealth mode and enter you authorization code and enter the URL address when any one fails to login, they will redirect to your given URL address.

    How-to-Secure-your-WordPress-login-page1

    now on your login page. you will find the authorization code option.

    How-to-Secure-your-WordPress-login-page2

    2. Login LockDown

    Login LockDown records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

    Download Now and install the Login Lock Down . now go to the Setting and click on the Login Lock down option and update your settings.

    How-to-Secure-your-WordPress-login-page3

    now on the login page you will find the login form protected by Login LockDown.

    How-to-Secure-your-WordPress-login-page4

    3. Cookie based brute Force Login Prevention with All In One WP Security

    All in one WP security firewall is comes with the Cookie based brute Force Login Prevention, that will help you to make you wp-admin as a secret page. instead of www.yourwebsite.com/wp-admin , you can login with the www.yourwebsite.com/?yoursecretcode=1 , that will make your admin page completely hidden for hacker.

    Download and install the All In One WP Security , Go to the Firewall > select the Brute Force Prevention .

    How-to-Secure-your-WordPress-login-page5

    Now Save your featured settings. now it will give you new path for your WordPress admin login.

    How-to-Secure-your-WordPress-login-page6

    4. Use Secure SSL Login Pages

    You can login to WordPress Admin Panel through the encrypted channels with SSL meaning your session URLs will have https://

    try Admin SSL or SSL Subdomain for Multisite plugin for this job.

    5. Never use “admin” Username

    This is the first user that is created when WordPress is installed. You should never use or keep this user. Because in the past multiple loopholes have been found that are linked to Brute Force Attack and admin username, you should refrain from using it. You should create another user using your WordPress admin panel, and assign administrator roles to it. Try to make this username something that is not obvious, so it is harder for the hacker to guess. Then delete the admin user altogether to stay on the safe side.

    6. Limit Access via IP Address

    You can limit access to your WP-Admin Panel and only allow certain IP Addresses to access. All you have to do is create a .htaccess file in /wp-admin/ folder if there is not one there already. Paste the following code:-

    AuthUserFile ‘some htpasswd file’
    AuthGroupFile /dev/null
    AuthName “WordPress Admin Access Control”
    AuthType Basic

    order deny,allow
    deny from all
    Require valid-user
    # whitelist Rumy’s IP address
    allow from xx.xx.xx.xxx
    # whitelist Ghalib’s IP address
    allow from xx.xx.xx.xxx
    Satisfy Any

    The “require valid user” and “satisfy any” lines will force the Apache Server to request a Username and Password before you can access the WordPress Login screen.

    with this setting you can login with own mentioned IP-address and others places also.

    Enjoy your secure wordpress login.

    Also Check :- 

    How to Improve the Security of your WordPress Blog

    How to change your WordPress login logo

    How To Install WordPress on Localhost with Xampp

    How To Create A Custom WordPress 404 Page

    How to Find out What WordPress Theme a Site is Using

    WordPress Site Hacked – Redirecting to Another Site

    Hope you like my post.How to Secure your WordPress login page. Please share with others.

    Facebook
    Twitter
    Pinterest
    WhatsApp
      Previous articleHow to change your WordPress login logo
      Next articleUse Google Chrome as Penetration Testing Tool

      RELATED ARTICLESMORE FROM AUTHOR

      Internet

      Digital Marketing Methods That Might be Right for You

      Internet

      What Are the Benefits of Using a Virtual Office?

      Internet

      Factors to Consider When Looking For Dumpster Rental Services

      • Contact Us
      © All Contents are Copyright to Rumy IT Tips