Complete Security Tutorial for a WordPress Blog

After several specific posts on WordPress security and best practices to secure your WordPress blog, i would summarize each of the tutorials on a single post here as it could be a complete round up of all the security practices.

• How to secure your Blog from Hackers
• Recommended File and Folder settings for your WordPress blog
• How to enable Content Locking on your Blog
• How to improve WordPress Blog settings
• How to do a health check for your WordPress blog

How to Improve Gmail Account Security

With millions of eMail accounts hacked on a daily basis, Google email or Gmail has come up with an excellent solution binding the email account login with a two step verification bundeling it with a code verification from your mobile phone.

When you log in from a computer you don’t normally use, Gmail will ask you for your password and a code that you receive on your mobile phone. This will help prevent strangers from accessing your account with just a stolen password as its a combination of token and pin from your mobile phone.

This mechanism will not want you to enter the code each time you login in, basically you can remember your regular computer on the system hence enabling you to protect your account form other computer access only.

What is Content Locking and How to enable it?

Content Locking is an amazing method to treat your regular and privileged blog visitors with exclusive content. Its the method of locking a particular section of your blog or webpage to limit viewing to only people who have the global password to access the content. Content locking is an amazing method to make your loyal visitors feel special and also this encourages your visitors to stick to your website or blog. You could opt to send the “special unlock code” to your email subscribers or RSS feed users for them to unlock and view the content.

How to Enable Content Locking?

How to Setup Security and Performance Alerts for your Blog: 

Nowadays with increasing security risks and competition, its important that as a webmaster that you are on your toes! Today we would discuss on how to configure your blog to report important security risks and issues to your email on a real time basis for your WordPress Blog.

Reporting Downtimes using a plugin: Your blog’s downtime can be easily reported out to you with the help of a plugin that installs a “agent” on your web server and each time the agent is not responding to the uptime check, it will shoot an email to the admin, hence giving you a chance to reduce the blog’s down time. The plugin I personally use on this blog to configure the downtime alert is called “WSD” or WebSite Defender WordPress Security Plugin. This plugin can be installed just like any other WordPress plugin from the admin dashboard page.

Reporting Real time Security Incidents on your Blog: Knowing and attending to security issues or events on a real time basis can be quite very challenging for any webmaster. The same WebSite Defender plugin has a feature to enable reporting of security events to your email on real time basis. The security event could be any brute force attempt, change in file or file permissions, database issues etc. In addition, this plugin also suggests you for the security best practices you should adopt in addition with suitable recommendations.

In addition, with WebsiteDefender you can:

Recommended File and Folder Permissions for your WordPress blog Installation

How to reset the WordPress Admin Password through an SQL Query

It happens many a times that we tend to forget passwords! WordPress passwords aren’t any different – In case you forget your admin dashboard login password and would like to recover it, the only option from the front end is to use the “forgot password” link. In case you even forgot the email ID used or the password to recover that, you still have a way out!

Login to your webhosting Cpanel (reset that from your web host if you are not sure of that one also) and open the program called PhpMyAdmin. This allows you to access the database on which the WordPress blog is created on, simply click on the Database name and on the top panels you should find a “SQL” tab on the window as shown below. All you have to do is paste the below query and replace the “newpassword” with the one of your choice and it resets the admin password to the new one of your choice.