Security tips

Get a decent website HOST

Fluffytech recommends using ROCHEN servers for unparalleled service and support. Straight out of the box they scan for and block malicious activity and limit brute force attacks without you even knowing about it.

Lock down your wp-admin folder with white listed IP addresses

In my experience security plugins are difficult to configure and have horrible side effects, like total lockouts. In my opinion the simplest way to protect your wordpress site is to limit who has access to the Admin by checking their IP address.

Do not edit your Root .htaccess file, don’t paste these codes in there. It must be /wp-admin/.htaccess if you don’t see that file then create a blank file, name it .htaccess in your wp-admin folder.

AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "WordPress Admin Access Control"
AuthType Basic
order deny,allow
deny from all
# whitelist Kermit's IP address
allow from
# whitelist Miss Piggy's IP address
allow from
# whitelist Gonzo's IP address
allow from
# whitelist Work IP address
allow from
# whitelist Holiday IP address
allow from

Boring instructions courtesy of WP beginner


Facearse Tweep Internetmail