WordPress Login 2019 or How To Keep Your Site Safe

Joaquín Ruiz - 13th May 2019

WordPress Login 2019 or How To Keep Your Site Safe
  • Date:   13th May 2019
  • Category:

      WordPress

  • Comments:

      0

Starting a blog, eCommerce, or online business site requires an upfront investment with hosting, themes, plugins, and website development. And sometimes we forget to make our site safe. Today we are going to learn how to protect the WordPress Login, the most dangerous part of our platform.

The most important element we need to protect is the main door of our platform. In this case, the Dashboard Login. By default, the core has some security measures in place. But we have to keep in mind that WordPress is the online platform most hacked (90%). Therefore we should think in adding more security measures.

WordPress hacked - WordPress Login 2019 or How To Keep Your Site Safe
WordPress hacked – WordPress Login 2019 or How To Keep Your Site Safe

WordPress Login

The Login is summarized in the file “wp-login.php” and the “/wp-admin/” folder. If we type in our web browser the address of our WordPress (URL) followed by /wp-admin/ (example: https://domain.com/wp-admin/), we will be redirected to the file wp-login.php. This point is where the login is made to the WordPress dashboard (and not from /wp-admin/ directly).

In every WordPress installation the login folder is /wp-admin/. This folder stores the files that make the WordPress dashboard work. It does not support changes, it is not a folder that is usually modified. Inside it only has internal scripts and libraries. It does not contain configuration files.

WordPress Login - WordPress Login 2019 or How To Keep Your Site Safe
WordPress Login – Best security plugins for 2019

Protect the WordPress Login

Therefore you should protect the WordPress main door (wp-login.php and wp-admin) with plugins. At least to change the access URL, and blocking login attempts.

I show you below the three most important plugins, to secure your WordPress in 2019:

1. iThemes Security

Plugin page: link

The iThemes Security plugin (also known as Better WP Security) is one of the more complete plugins to protect your website. It has several features to prevent things like hacks and unwanted intruders.

iThemes Security Plugin - WordPress Login 2019 or How To Keep Your Site Safe
iThemes Security Plugin – Best security plugins for 2019

The most important features in this plugin are file change detection, login using the Google reCAPTCHA, banned users and local brute force protection.

2. Sucuri Security

Plugin page: link

The Sucuri Security plugin offers both free and paid versions. Although for the majority of websites the free plugin should be enough.

Sucuri Plugin - WordPress Login 2019 or How To Keep Your Site Safe
Sucuri Plugin – Best security plugins for 2019

The features in this plugin includes file integrity monitoring, blacklist monitoring, security notifications, and security hardening.

3. Wordfence Security

Plugin page: link

The Wordfence Security plugin is one of the most popular WordPress security plugins. It is very easy to use, and it contains very powerful protection tools.

Wordfence Security Plugin - WordPress Login 2019 or How To Keep Your Site Safe
Wordfence Security Plugin – Best security plugins for 2019

The best features of Wordfence Security are a full firewall with multiple options like country blocking, and brute force protection. It also monitors live traffic, logins and logouts.

Don't forget to Share and Comment this post if you liked it, and if you are interested in more posts about WordPress, read more!

The Author

Joaquín Ruiz (aka Joki)
Joki is a Computer Engineer, Senior Full-Stack Developer and Lead Developer, specialized in web and e-commerce. Joki has also a wide international experience as freelance and working in agencies.