Talking about WordPress security isn’t particularly sexy or interesting. It is an important topic though. Just for a moment, imagine how it feels when:
- customers tell you your website triggers their anti-virus or firewall
- your blog readers email you to say they can’t access your site because Firefox has blocked it with a big red warning screen
- or you search on Google and see a “This site may harm your computer” warning next to your results
It’s not a nice feeling. You swing from total panic and not knowing where to start, to anger at the people who have done this, then over to fear as the realisation your business income will be affected kicks in. I know, I was there once and it can happen to you too.
Over the last week or so, I have had conversations with 7 people, from bloggers to online business owners to offline businesses with WordPress websites who have been hacked. Some weren’t running the latest version of WordPress, others were. Some had fancy security plugins, others didn’t. They all had one thing in common…
They still used the default Admin username
Easily Increase Your WordPress Security
You can have all the security bells and whistles you like, but if you are still using the Admin login on WordPress you are essentially giving away half the keys to your blog or website. It’s not that difficult for the people who have their bots scouring the web for admin access to then crack your password. They aren’t sitting there for hours guessing the password, it’s all automated.
A really easy way to increase your WordPress security is to remove the admin username and replace it with something less common. The video below shows you how to do it.
Changing the Admin username step-by-step
- Log in, create a new user and asign administrator rights
- Back up your WordPress
- Log out then log back in with the new username
- Delete the old admin selecting the option to transfer all posts to the new user
- Update your new user profile with a new nickname, the correct email address and any other info you want in there.
Discover more tips about improving WordPress security with screenshots over in my Kindle guide, “How to Install WordPress and Build a Secure Blog” from Amazon UK and Amazon.com
Over to you…
Do you log in with the Admin username? Was the video useful for you? I’d love to hear from you in the comments.
.png "I Support IEC")
This is one of the first things I change after installing WordPress and it’s a good rule of thumb to keep in mind for every blog you make. Great video, Jan!
Thanks for sharing!!
Bonnie Gean recently posted..How to Make a Sticky Note in Gimp
That’s great news, Bonnie!
Great info. I’m ashamed to admit that I’m an admin user. I do have some security enforcement on my blog however I know I need to take the steps you outlined. Thanks for the motivation.
Shawn recently posted..Tools to Use With Pinterest & Other Social Media
Ohhh, don’t wait, Shawn – it’s better to be safe than sorry! A few minutes work and your blog will be more secure than many out there.
Thanks Jan really appreciate this. Great blog! I know I am not using admin:)
Debra recently posted..3 Secrets to Long Term Love!
That’s good to hear, Debra! Thanks for popping in
Great thanks Jan
Cher recently posted..Raw Ice Cream – Strawberry Fondant
You’re welcome, Cher
Great post. I don’t use the “admin” for my log in and I am certainly glad I don’t especially after viewing your video. I didn’t realize how important it was to change it. Thanks for sharing.
Toni Nelson recently posted..Five Budget Mistakes Your Business Needs To Avoid
Many people don’t realise how important it is. It’s good to hear you don’t have the admin login! Thanks for popping in
Sometimes the most obvious things are the best. Thankfully I’m ok on this but it’s so easy to forget the basics and when it’s as important as this, it deserves a great blog post to fix it.
Ginny Carter recently posted..How to love social media
I thought the same, Ginny – that this was obvious. This last couple of weeks has opened my eyes a lot. I’m working with one small business who had 3 WordPress sites hit. Sites that designers had put together for them and not changed the admin. The average business owner just doesn’t realise the importance of it until they’re faced with lost call/orders and look into why. Fortunately, their host cleaned up the mess and it was down to me to change the admin and tighten things up.
I’ve never used “admin” as my username. Nice to see I’m doing something right. Thanks!
~Debra
Debra Jason recently posted..Why Not Write About Love Every Day?
You do a lot of things right, Debra! lol Thanks for popping in
Thanks Jan.
I had changed my admin name at sign up, but it was showing so I changed that thanks to your advice.
Jen Bajackson, LGPC recently posted..Skills of Sympathy – Part Three
That’s great to hear, Jen! Safer already
Thanks for popping in.