Hacking websites or blogs is common these days and the worst thing is you will not know that your website is hacked until there is some drastic change in your website. By the time you come to know that your account has been compromised it might be too late and you will not know when your account was hacked. You files might have been modified overtime and these modified files might have been backed up by your website backup software.,It's always better to protect Wordpress blog or any other website of yours to avoid this situation.
Also check: How to backup WordPress Website and Data
[caption id="attachment_2507" align="alignright" width="159"]
Image: Wordpress[/caption]To protect Wordpress is one of the first things that you need to do when you have a new blog setup. To do this, you will have to login to your hosting server and find the .htaccess file which will be in the root directory of your website or blog provided it not installed in some sub-directory. If installed in a sub-directory then this will resides in the top folder of the installation folder. ".htaccess" is a configuration file which is used by many different web servers to avoid global directory configuration settings.
Also check: Must have WordPress Security plugin for a website
Before we go ahead, download this file from hosting server to your local machine as backup so that just in case if something goes wrong you can always use this backed up file. Once you have a backup of .htaccess file either edit the file within hosting server or download this file again and then modify this file. Now at the end paste the below code without modifying it.
# protect wpconfig.php
<files wp-config.php>
order allow,deny
deny from all
</files>
Once you have copied this file, save this file and copy it back to the same directory where it was downloaded from earlier. Just refresh you website just to confirm that your live website is not down. You have to be careful with the space, colon, semicolon etc when you paste the code. Any modification will create problem and might bring down your website. If something goes wrong, then you always have the backup file to replace the corrupt file.
Also check: How to manually disable WordPress plugin
Installing a security plugin like the one mentioned in the link above will auto add this code. Also, it might add few more code lines. It'a always better to protect Wordpress database and website and blog others from accessing your website. This may not be of major concern when your website is small, but will matter a lot as it grows into a huge website full of content.
If you like this post then don’t forget to share it with your friends and follow us on Social Media or subscribe to our blog via email.
No comments:
Post a Comment