In general, WordPress blogs are not considered to contain much sensitive data therefore the default behavior of using user name and password suits most bloggers. However there are cases you want to enhance this default security a bit, below are several things you may want to consider:
- 1. Stop spamming.
Scenario: Ever since I started my blogging, I often notice that there are a lot of irrelevant comments posted under my post. I’m fine with people promoting their websites or products however please show some respect to my hard work as well.
Solution: WP plugins like Math Captcha helps. Basically it asks a very easy math question, which brings extra work for spammers if they are humans and hopefully this helps them rethink their spamming. In the case the comments are generated by some smart robs, this would be quite hard to “guess”.
- 2. Ensure your admin password is not brute force targeted.
Scenario: I’m concerned about my WP admin password. A program could try thousands of times per second to guess my password.
Solution: Google offers reCaptcha service, it shows a combination of pictures which would be almost impossible for robs to fill in. Of course, you still need to set your password reasonably strong, don’t ever use 123! WP plugin like “Google Captcha” would be quite handy in this case.
- 3. Keep content off site.
Scenario: Everybody knows the importance of back up, especially if you have blogged for several years and have had thousands of posts. Though losing all of them is not a death/live situation, I guess you still don’t want to risk.
Solution: Fortunately WP has its own import/export tools for all your posts/comments/contacts. I’m sure having a local backup is also convenient when you want to migrate your WP site from one provider to another.