Protect a Self Hosted WordPress Site from Hackers

Edited by Ronniel Javier, Lynn, Charmed, Alma and 6 others

WordPress is one of the best CMS blogging platforms with many of the largest websites and blogs out there being powered by WordPress. As a result of this, WordPress has become the target of many hackers and over time, many people have complained about their sites getting hacked. I was once a victim of website hacking a few years ago but have since learned how to protect my website from any intrusions. In this article, I will teach you how to protect your vulnerable websites from any unauthorized penetration.


  1. 1
    Download Domain Security Pro
    Yassora 0103151713-meme.jpg
    This is one of the best software programs available and it can completely protect your blog or website from hackers. One of the best and most powerful features of this software is that you are allowed to change your WordPress password without logging in to your account. It will set an htaccess password automatically, without going to your cPanel account. For a fee, you can download Domain Security Pro software here -
    Was this step helpful? Yes | No| I need help
  2. 2
    Choose the best web hosting service provider
    Be wary of using cheap or free webhosting service providers as they do not have the folders chmod-ed properly. Instead, host your WordPress websites in a provider with a great reputation, like GoDaddy, HostGator or iPage.
    Was this step helpful? Yes | No| I need help
  3. 3
    Download the WordFence plug-in
    Yassora 0103151713-meme (1).jpg
    This is a security plug-in that includes anti-malware, a firewall and an anti-virus scanner. This plug-in will repair your damaged themes and plugins. You can also view your live traffic stats and any malicious login attempts to your website or blog, as well as set up login limits on your account. You can download a free version of this here -
    Was this step helpful? Yes | No| I need help
  4. 4
    Do Not upload themes and plug-ins that are not verified
    Yassora 0103151715-meme (2).jpg
    Themes and plugins are spreading all over in the internet, mostly in community sites where free themes and plugins are being freely distributed. These scripts are often filled with malicious code that can affect the health of your website, slow your website's loading speed capability, and take down your whole website system. If you are unsure about your themes or plug-ins, you can perform a virus scan here -
    Was this step helpful? Yes | No| I need help
  5. 5
    Delete themes And plug-ins that you do not use
    Delete all unused themes and plugins. Every theme and plugin has vulnerability issues which an attacker can use, so if you do not use it, it is not worth keeping. This will protect you from SQL injection vulnerability.
    Was this step helpful? Yes | No| I need help
  6. 6
    Choose a better password and username
    Yassora 0103151715-meme (3).jpg
    Don't put "admin" as your username, and you should use a password generator to create a very strong password that cannot be easily cracked or brute forced. The strength of your website security should start with implementing a strong password.
    Was this step helpful? Yes | No| I need help
  7. 7
    Install Login Lockdown
    Yassora 0103151716-meme (4).jpg
    This limits the number of login attempts from a given IP range within a certain time period. This helps to avoid any brute force attacks. You can get it right here -
    Was this step helpful? Yes | No| I need help
  8. 8
    Backup and scan your website/blog
    This is the most important thing. Doing a regular backup and scan will allow you to make a restore point of your blog, and if anything happens, you can easily revert to your blog without having any problems.
    Was this step helpful? Yes | No| I need help

Questions and Answers

How to protect my wordpress blog from hackers?

What plugins do you suggest for me to use to protect my site. My site keeps going blank then it comes back a few minutes later. When I check WhatsApp plugin, it tells me I have been hacked. how do I resolve this? Many thanks!

The first, and most important step to take when trying to recover from a hacked blog, is to locate the time you were hacked, so that you can wipe the site, and reinstall from a secure and untainted back up. Once installed, you will need to make sure all passwords are changed and updated, and that any associated email accounts are also not compromised.

In terms of plugins, there are a number listed in this guide that can help you, but you should also focus on overall site security. Especially the security of your WordPress host. If you are using a company like Host Gator, or Blue Host, you will want to be especially cautious, as they are more often targeted than higher tier host providers like Liquid Web and Storm on Demand.

How to install a security plugin to my Wordpress blog?

I need a step by step on how to install an anti-hacker plug in

VisiHow QnA. This section is not written yet. Want to join in? Click EDIT to write this answer.

My Wordpress site was hijacked by an Islamic group?

I paid to restore my site, in progress. This is the second time in a month that I was locked out, or had my site completely changed. Hosted at Purely Hosting.Com. Very concerned and angry!. I have tried: I've changed my passwords, very strong. Did not stop them. I think it was caused by: ?

VisiHow QnA. This section is not written yet. Want to join in? Click EDIT to write this answer.

If you have problems with any of the steps in this article, please ask a question for more help, or post in the comments section below.


Article Info

Categories : Websites

Recent edits by: USAFA87, Eng, paresh777

Share this Article:

Thanks to all authors for creating a page that has been read 6,033 times.


Thank Our Volunteer Authors.

Would you like to give back to the community by fixing a spelling mistake? Yes | No