A Report on

Startup with WordPress and Its Security

Submitted By Date: 23.03.2020

Mahadi26

1
Now a Days it has become very easy to create a website. No need to know coding or anything. The
process is simple.

We need just two things. One is a server and other thing is domain. And there comes 000webhost.com.

Web Hosting
000webhost is an online server which provides free webhost to create websites with free domain.

Steps are simple. Just go to 000webhost.com and make a free signup.

Now we have to give our mail address and a suitable password to create an account in 000webhost.

A confirmation mail will appear in our given mail address. We have to confirm it to get started.

2
After successfully account creating in 000webshot.com we will find some options to build our website,
like below.

3
Pressing the build now option will create a website for us. Now it’s time for Content Management
System (CMS).

WordPress
WordPress is a CMS for websites. It is very popular because it is very user friendly. After building a
website we have to install WordPress for its content management.

For management of its every content we have much options. Like, setting up a theme is very important
for websites appearance. Using Appearance menu, we can set up a theme as we like.

Like theme setting up we can configure other content as we wish. But now an important thing we have
to consider.

It is security of the website. It can also be maintained by WordPress.

Vulnerability
Security is main concern for anything. For website, some people are awaiting out there for gaining
access illegally. WordPress is popular CMS worldwide. To prevent those illegal access, we have to know
about the vulnerability which are being used by hackers.

First of all, we have to sure about our CMS is updated. Like my websites CMS is updated.

4
Now we will discuss about some safety issue.

In general, WordPress provides us default login page which are easily foundable and major vulnerability
for brute force attack by hacker.

So if we relocate our login page then 90% probability of brute force attack will be reduced.

To do that we have to install a plugins called rename wp-login.php and setup a manual login page.

This is the plugins. We have to install it and then set up a manual login page like below.

5
Now you can sleep well but not deep. Our site is not secure much.

Next process is IP blocker. If any hacker makes try on our website, after few attempt that IP will be
blocked temporarily. This security is provided by installing plugins called Wp Limit Login Attempts.
Just install it and activate it.

After activation we can set up the login attempts to block.

6
Now major vulnerabilities are gone. But a weak Password can ruin all these things. The list of top used
Password for 2018 is given below.

7
We have to be very careful about setting up passwords like these.

Now our login page has been moved, number of login attempts has been set up and a strong password
has been provided. It looks like DONE! NOW TIME TO CHALLENGE A BLOODY HACKER!! Ok, hold on. I
would say don’t be so excited. There are still lots of chance to be hacked by BLOODY HACKER!! The given
statistics will shock you.

Four years statistics for WordPress blogs hacked. You know! the number is surely increased. So you be
relaxed like that. But taking those steps can reduce chance, that’s all.

Plus, we have to update our plugins and themes regularly for more concern.

And finally, we have to always backup our files for emergency.

Thank you.