After you have finished to build a WordPress blog and published to Internet, everyone can access to your blog. But, there are some bad guys that want to show their ability by try to destroy your sites. Therefore, as the site owner, we should try to do necessary actions to keep our site safe.
1.Do not Use the Default admin User Name
+WordPress comes with an admin account with username is admin. You must create another admin account and remove this default account.
2.Use Complex Password
+The password should be long enough and contain special characters
+Password should be around 10-15 characters.
+Password should follow Microsoft P@ssw0rd standard. It should contain lower case letters, upper case letters, numbers, and special characters.
3.Change the default WordPress Login Page
+By default, WordPress comes with a default login URL http://example.com/wp-admin
+You should change this URL to another one to keep safe for the site
4.Update WordPress version, Theme and Plugin
+Regular update these ones to the latest version will prevent security leaks for the site
+Be sure to backup WordPress before any updates. Update actions usually cause incompatible issues.
5.Do not Use Black Software
+If you have limitation on budget, you can try to use free or open source software. Try to download direct from WordPress or from secured sources
+Do not use commercial software that uploaded in sites or forums. These software usually modified to contain bad codes that harm your sites.
6.Do not Use permission 777
+If you need global permission, you can use permission 775
+The permission 777 is dangerous. Permission 777 will grant powerful privileges for a user. If this users is controlled by unauthorized persons, then our site is destroyed.