Here are 5 things you can do to improve your WordPress security.
1. Use secure hosting When choosing a web hosting provider, don’t simply go for the cheapest you can find. Do your research, and make sure you use a well-established company with a good track-record for strong security measures. It’s always worth paying a bit extra for the peace of mind you get from knowing your site is in safe hands.
2. Never use “admin” as your username If you use “admin” as your username, and your password isn’t strong enough , then your site is very vulnerable to a malicious attack. It’s strongly recommended that you change your username to something less obvious. Until version 3.0, installing WordPress automatically created a user with “admin” as the username. This was updated in version 3.0 so you can now choose your own username. Many people still use “admin” as it’s become the standard, and it’s easy to remember. Some web hosts also use auto-install scripts that still set up an ‘admin’ username by default If you have posts published by the “admin” account, when you delete it, you can assign all the existing posts to your new user account.
3. Limit login attempts In the case of a hacker or a bot attempting a brute-force attack to crack your password, it can be useful to limit the number of failed login attempts from a single IP address.
4. Try to avoid free themes Premium WordPress themes have a lot going for them, as you’ll see below. However, with all of the premium theme authors and shops out there (this one included) singing their praises, it can be difficult to put yourself in a place where you actually consider their potential downsides. Hopefully the points I make below will help. So whiling using WordPress themes try to avoid free themes.
5. Use security plugins As well as all of the measures above, there are tons of plugins you can use to tighten your site’s security and reduce the likelihood of being hacked.
Above WordPress security will prevent you to hack your wordpress website.