Now a day’s, some hosting company have to inform every user about a CMS site being hacked or a sensitive database being compromised hits the web … and freaks everyone out. CMS is a most popular and easy part to develop a website.Most popular cms are wordpress,joomla using php and mysql. wordpress is is well configured cms and most popular blogging cms. But all CMS have a fixed code and functionality, so the hackers try to find vulnerabilities in WordPress and exploit them to crack them.
some of important part to notic when you creating a blog in wordpress.
Please don’t use more unwanted plugins. also here are some nice WordPress plugins that make your site more secure, I believe I use WP-Secure for sites.
2- Secure Hosting
If your hosting provider itself is not providing you any security, then you are in real trouble. There have been many cases when hundreds of blogs got hacked in minutes due to poor hosting security.
3- Username password security
Taking a strong password is the tip that you probably have read in almost all security related articles. The password is the key to the lock that opens up your admin panel. So choosing a very strong password is extremely essential.
4- Use .httaccess and config file
for secure the admin folder use httaccess file in server make wp-admin directory name change , secure by IP access, blok some area of access etc, .HTACCESS file also contains very important data which are required to secure your blog. So, change the permissions of this file so that it becomes unreadable and un-writable by others. Also, do not forget to disable directory browsing, so that hackers do not get any chance to view the directories on your server.
The wp-config.php file contains very sensitive data of your WordPress blog, so securing it is very important. All you need to do is change the permissions strictly and move the file one step up from your main folder.
5- Backup: Files & Database
BackupBuddy is a fantastic WordPress plugin to automate full-site backups. However, there are many free alternatives in the WordPress plugin directory that can also get the job done. For example, WordPress Backup to Dropbox. Keeping regular backups offline is ideal for a WordPress website so it can be restored if something did happen.