WordPress is a very popular blogging tool. However, as with all internet applications, wordpress too needs to be protected to make sure it remains secure and your site stays safe online.
One of the basic attacks against a WordPress site is to try multiple login attempts. This is due to the fact that the default “admin” user is named admin. Therefore, half the job of a cracker is already done.
To prevent cracking and password guessing attempts, you should remove the default admin account and set up a unique one of your own which cannot be easily guessed. For example, you can have an obscure user ID for it like xwz25y8. To put xwz25y8 as the User ID, you need to do the following:
- On your WordPress Dashboard, click on Users -> Add New. Add the user xwz25y8 and give it a strong password. Also, set the user role to be “Administrator”.
- You can give the user any name. It could even be your name.
- Save the user record and click on Users -> All New. From this list, select the default “admin” user and remove it. When you remove it, you can change all posts that user created to xwz25y8. This way you do not lose the posts created by the earlier “admin” account.
- Lastly, log in once more to your site and verify that it was all set up okay.
That’s all. Before doing the above, if you already have posts existing, make sure you backup your WordPress database. You now enhanced your WordPress site security.