Thanks to a tweet on Twitter I came across this interesting post on how to protect your admin area, it's better to prevent than to cure

The post covers the following points:

  • Create custom login links
  • Pick a strong password
  • Limit login attempts
  • Use secure SSL login pages
  • Password protect wp-admin directory
  • Limit access via IP address
  • Never use admin username
  • Remove error message on the login page
  • Use encrypted password to login
  • Wordpress Antivirus protection
  • Stay updated with the latest WordPress version (so, update it every 40 seconds )
  • One Time password
  • Wordpress firewall plugin


And you can read the full post here: 13 Vital Tips and Hacks to Protect Your WordPress Admin Area

What do you think of this post, is it over the top or are you even more secured? I think it goes wrong for most people when choosing a password, people should be choosing much more difficult passwords and only use them once, but unfortunately it doesn't happen just to make it easier for themselves