Double your WordPress Security in 2 easy steps

One of the best things about a WordPress website is that you can login and edit your content yourself. No need to get a webdesigner involved each time you want to add or adjust something. But like for any other system that you can login to, there is a downside: someone else could gain unauthorized access to your website.

Improve your WordPress Security

Luckily, there are a few simple things you can do to greatly improve your WordPress security and make your site safer. They take 5 to 10 minutes each and even if you only do one of them it’s already going to help a lot. So here we go!

1: Change your username into something other than admin

Login to your WordPress website. Is your username ‘admin’? If yes, so is almost everybody else’s and hackers know this. So when someone tries to log into your WordPress dashboard, this is the username they try first.

admin login screen

But you can change it really easily into something that’s way more creative and personal and much harder to guess.

How to change your username

In WordPress you cannot normally change your username. But there are a few ways around that. For example, you can create a new user and then delete the old one. But the easiest thing to do is to install the Username Changer plugin.

Go to Plugins – Add New, find the Username Changer plugin and install and activate it.

install username changer

Now in the menu on the left under Users go to Username Changer. Next select your username and choose a new one. Save your changes and you’re done.

set new current username

You need to log back in with your new username. And it’s best to now uninstall the Username Changer plugin. You can do so by going to Plugins – Installed Plugins and then deactivating and deleting the plugin.

2: Hide your login page

By default you login to your WordPress website by going to yourwebsite.com/wp-admin. Again, hackers know this, but if you change it to something else it will be much harder for anyone but you to login to your dashboard.

How to hide your WordPress login URL

The easiest way to hide your WordPress login page is through a plugin called ‘WPS Hide Login’. Go to Plugins – Add New and search for the WPS Hide Login plugin. After you find it, install and activate the plugin.

install wps hide

activate plugin wps hide

Under Settings – General you’ll now find an item to change the URL of your login page. Set it to whatever you like and save your changes.

new url for login page

As long as you keep this plugin active, your login page is automatically hidden. If you deactivate the plugin everything is back to normal.

So that’s it. With these two simple steps you make it much more difficult for anyone to get into your WordPress dashboard. Chances are they try and fail on the first attempt and move on.

Want to take it further?

There’s much more you can do to improve your website’s security. As standard, we apply a large set of security best-practices to all WordPress installations we do. If you’d like to know more, feel free to get in touch. We’ll be happy to discuss your current setup and help where we can.

[newsletter-signup]