Locking Down WordPress Image by Mr. Mo-Fo

Thus far in our securing your WordPress blog series we have seen:

• Fluffy’s helpful tips and a security login plugin - post 1
• How to change your username for added security - post 2
• How to obscure your database tables - post 3

Today I want to talk about one of the most important security features you can set up for your blog - the .htaccess file.

Why This Is Important

I bet many bloggers and some home-schooled web developers have seen this file mentioned before and know it’s good, but it frightens the heck out of them. This is probably because the code is foreign to them and they know messing it up can limit access to their websites, so they just avoid it all together.

Not good.

We have been talking about strategies for securing your WordPress blog from possible intruders trying to access your files. In case you missed them, here are the first two posts in this series:

• Post 1 (showcasing a great security plugin)
• Post 2 (How To Change Your Username)

Of course nothing is full-proof; all you can do is make things difficult for someone with ill intentions. The idea though is to create multiple layers of road blocks and speed bumps which will make hacking your system a pain which hopefully encourages them to move on rather than spending all day on your site.

Today I’d like to show you how to customize your database some which WordPress uses for its files. This is known as security through obscurity. It’s one of those “speed bumps” as opposed to a “road block”, I guess.

In the first post of this series on securing your WordPress files from intruders we learned why it’s important to create a strong password and how to add a layer of protection for your login page by use of the Login LockDown Plugin.

Today I want to show you how to change the default “admin” username WordPress gives us. This is very important as it’s just one more thing an attacker will have to figure out in order to access your files through the login page. The more difficult you make it, hopefully the more likely they will move on.

You’d think the creators of WordPress would make changing your username easy - but it’s not.

Changing your password, no problem. Changing your username, well . . . not as easy. So let’s do this one together and if you have any questions, feel free to comment below.

Fluffy thinks outside the box when it comes to defending his blog against attackers.

No, this series on how to better secure your WordPress blog from being hacked does not expand on Fluffy’s alternative means of defending it.

Sorry.

However, we will look at some relatively easy things you can do to fortify your blog and take a defensive position without the use of hand grenades and land mines.

This topic will be a series of 7 posts which include guided picture tutorials and is intended for anyone with great web development skills to well, maybe just above a beginner.

For this first post though, I’d like to mention a few good practices and first steps you should do to better secure your WordPress blog. Following that, we’ll look at ways to create multiple layers of protection by:

• Changing your default WordPress username
• Obscuring your database tables

Googlebot reads websites, but not like you. Image by lauradahl

#1 on Google, and ok, maybe Yahoo!

That’s what Web Entrepreneurs want - and we all compete for it.

Here are some SEO guides I go by when optimizing a website.

Keep in mind though you should always first make sure your website is designed well for human navigation and readability; SEO is secondary. Googlebot doesn’t buy from you, humans do.

When thinking about search engine optimization, I always design with the notion that search engine algorithms change over time. Therefore, even if something today doesn’t have a huge impact on SEO but it seems logically it might, I use it when possible. I try not to assume, but always plan.

Please note this article has a lot of links. Ironically, I didn’t do this for SEO but rather educational purposes.

xml Sitemaps Are Quite Ugly Click image to view our Sitemap.

Is it necessary to have one? Will it affect my search engine rankings if I don’t have one? Will Google visit my website less because I don’t have one?

Let me see if I can clarify some of the questions people have when it comes to the widely known, but little understood, xml Sitemaps.

A xml Sitemap is a sitemap generated for your website that you have created for our buddy Googlebot to read and get to know your website.

There are some arguments out there as to whether or not a Sitemap is really beneficial to your website. The obvious advantage of having a Sitemap is to help Google index your site better, but does that really have any say in search engine optimization or PageRank?

Does Having A Sitemap Help My Search Engine Rankings?

It’s a crappy answer, but the answer is yes and no.

Ever go to a blog and read an article that you find interesting and would like to follow what other commentators are saying but you don’t really care to add a comment yourself?

I do sometimes. Especially if it’s a list that I know others will add links to in a comment section.

Like mine, most WordPress blogs you go to have the Subscribe To Comments plugin so those that comment can keep up on the conversation going on in the comment section.

There’s a little tweak I did to my Subscribe To Comments plugin many bloggers may not be aware of that you can do.

By simply adding the following line of code to your comments.php file, you can allow your blog readers to follow a topic without commenting.

<?php show_manual_subscription_form(); ?>

As mentioned above, add the code to your comments.php file and just below the </form> tag near the bottom of the file’s code.