It was Monday morning and I was on a call with a dozen others who are my peers. Each of us helps the small business owner with their businesses in one way or the other. It was at the end of the call and we were each sharing our websites and going over how to make little improvements here and there. Time was running out and there was just enough time for one more website review, I volunteered. As my site was coming up for all to see suddenly the screen turned a maroon red with an outline of a security officer with his hand stretched out and the words of"do not precede malware threat." I was too horrified to remember exactly what it said although there was more. I was worried about my website I had spent hours on being ruined plus humiliated the people on the call had seen me vulnerable.
I back my blogs using a free plugin WP DB Backup up. I will always restore my website if anything happens. I use WP Security Scan plugin that is free to scan my blog frequently and WordPress Firewall to block asks to fix hacked wordpress.
Safeguard your login credentials - Don't keep your login credentials where they might be found by a hacker. Store them off, and even offline. Roboform is for protecting them look at this now good , too. Food for thought!
Exclude pages - This plugin adds a checkbox,"include this page in menus", which is checked by default. If you uncheck it, the page won't appear in any listings of pages (which contains, and is usually limited to, your webpage navigation menus).
Now we are getting into matters. Whenever you install WordPress, you have to edit the document config-sample.php and rename it to config.php. You want to set up the database details there.
Those are three things you can do to keep WordPress secure without plugins. Set a blank Index.html file in your folders, run your web host security scan and backup your whole account.