BLOGGING 101: How To Protect Your WordPress Website From Hackers

BLOGGING 101: Protecting Your WordPress Website From Hackers

So, recently I’ve been receiving daily emails, that have caused me to go into a frenzy of panic. There is nothing worse than seeing that a website that you have put your heart and soul into is under a brute-force attack. What does a brute-force attack mean? That your site is experiencing a bot or hacker that is password guessing to attempt to login to your website. So, today I’m going to go through the steps that I have taken to protect my WordPress website from hackers.

Securi Security - Monitors Against Hackers on WordPress Websites. Jennifer Lam's tips on how to protect your self-hosted WordPress site.

Securi Security

Securi Security is a WordPress plugin that is available to download for free. It offers security activity auditing, file integrity monitoring, remote malware scanning, blacklist monitoring, security hardening, etc. But the best feature is the security notifications. It monitors any activity that is going on, on your website and sends you email alerts. You can opt out of receiving certain emails like post updates, when you install and activate plugins, etc. However, the alerts that you do want are successful logins and failed logins. This will allow you to monitor IP addresses that are trying to hack into your website, and Securi sends you an email instantlywhen someone fails to login to your website.

Securi Security - Monitors Against Hackers on WordPress Websites. Tips to protect your WordPress website by Jennifer Lam.

WP Limit Login Attempts

The WP Limit Login Attempts plugin is fantastic for login protection. Considering WordPress gives many attempts to guess the password than I would like. This clever plugin limits the amount of times that someone can guess your password. If you use the lite version, you only get 5 attempts to guess the password. However, if you purchase the pro version, this will allow more lenience. I just use the lite version, as 5 attempts doesn’t give them many tries before their IP address is blocked temporarily. It also helps to filter out bots that try to get into your website, as it uses captcha verification.

WP Limit Login Attempts Plugin to protect against brute-force attacks. Tips to protect your self-hosted WordPress site by The Confessions of an Online Shopaholic

Check Your Users For ADMIN

When you go onto your wp-admin dashboard and you go to users in the left-hand sidebar, do you have a user called ‘Admin’?If the answer is yes, it’s got to go!

So, hackers are very clever, so if your username is ‘Admin’, it’s very easy to guess your password from there. I would recommend going to users > add new, and then create a new username, add an emailof your choice and make the password very hard to guess (do not use the same password you use for everything else online). Change the role of the new user to ‘administrator’. Note down details of this new user, as this will be the new account you login with in the future.

After you have made this user, go to the top right corner of the website and log out of WordPress. You then want to log back in with your NEW USER details. Once you have logged in successfully, go to users > all usersand delete the old admin account. You have now increased the security of your WordPress account further, hooray!

Ain’t Nobody Got Time For Spam!

Aside from hackers, spam is the biggest annoyance I counter on a daily basis. We get enough of it in our email accounts! How good would it be to have a plugin to sift out the spam so you don’t have to? Let’s face it, we’re just too lazy or too busy to have time to get rid of spam comments. Spam comments can be full of dangerous malwarethat has malicious programmes that could infect your computer, and as a blogger that is your worst nightmare.

The Akismet Anti-Spam is the plugin you need in your life! It automatically goes through all comments to check for spam; it reveals misleading or hidden links; moderators like yourselves can see how many approved comments a person has made, and Akismet even blocks and discards the spam that would otherwise clog up your disk space.

This plugin has already helped prevent 243 spam comments come through, so I only see the lovely, genuine comments that people leave me.

Akismet Anti-Spam to prevent spam comments from coming through. Tips to protect your WordPress website by Jenny Lam.

Lets All Protect Our WordPress Websites!

I hope all of these tips and plugins are useful and lets all protect our websites that we have worked so hard on! I’m hoping to expand on my Blogger Help category, so keep an eye on it for more help!

If you have a fellow blogger friend that you think would benefit from this post, please share it with them!

If there is something you don’t quite understand, or you have any questions, please feel free to leave a comment below for me to get back to you, or email me on!


I would just like to add that this post wasn’t sponsored by any of the plugins talked about. I genuinely needed to urgently spread the message in case any other WordPress users experience the same problem with hackers. I’m not a professional in any way, this is purely my own experience and what has worked for me and my website.



  1. December 16, 2017 / 9:38 am

    Some really useful information here! I’ll definitely be going through my site and settings today! x

  2. December 19, 2017 / 11:32 pm

    This is a fab post, but also very worrying, I can’t imagine losing my blog and all my hard work to a hacker! There’s some seriously odd people out there. I’ve had nearly 2,000 malicious login attempts in just over a year!! I have some of the plugins you mention but I will check admin and settings too.

    Thanks for sharing!
    Samantha x

    • December 21, 2017 / 8:42 am

      Thank you Samantha! Me too, it’s absolutely terrifying when I see the emails everyday. I know, you would think they’ve got better things to do! That is ridiculous, I hope you manage to tighten up the security, I wouldn’t want you to lose such a fantastic blog!

      Thank you for reading!x

  3. Jocelyn
    December 22, 2017 / 10:07 pm

    Thank you so much for this post, Jennifer! This is obviously very scary, I know my heart drops a little time I each get a blog email alert about security, so I’ll definitely be trying some of these out!
    xx Jocelyn //

    • December 22, 2017 / 10:12 pm

      Aww no worries Jocelyn, thank you so much for reading! Yes me too, it gives me such anxiety every time, especially when it gets more frequent. I hope they work for you!xx

  4. January 3, 2018 / 10:19 am

    Such a useful article. Really makes me think carefully about security online. We all lock our houses and cars, but often over look online!

Please leave a comment, I'd love to hear your thoughts!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Mailing List

Instagram – @jenniferwl_
%d bloggers like this: