How do we protect our Wordpress from hacker?

Question

it's can be apply not only to wordpress. But to all blog platform that can be installed into a server and shared host. so, What do you do via PHP coding or pluggin or any method to secure your installation ?

Answer 1

Limit access to ftp. For this, upload to server file .ftpaccess, and paste following code:

<Limit ALL>
Deny from all
Allow from Your.IP.Address
</Limit>

Also, limit access to most important files (like wp-login.php), uploading in the same folder file .htaccess:

<Files "wp-login.php">
Order Deny,Allow
Deny from all
Allow from Your.IP.Address
</Files>

Answer 2

I suppose you could modify the .htaccess file to deny permission to /wp-admin* if the IP address doesn't match yours.

Answer 3

Being on a shared host is a bad limitation. This prevents you from installing a web application firewall like Mod_Security.

Here is a list of steps you can take to harden your Wordpress installation.