Best Trick To Secure WordPress Site From Hackers
You can try our trick to protect your WordPress website from hackers easily. Most website hacked by a hacker using your WordPress theme or plugins
It means some plugins or theme are vulnerable so the hacker can easily hack your website if your WordPress website vulnerable plugin or theme indexed by google bot
Nowadays hackers are smarter they do not waste their time to hack one website so they search in google and google can show your plugin list and hacker easily hack your website
So we need to disable google bot access to our theme and plugin folder so google bot won’t index our WordPress theme and plugin so our website is safe from hackers 🙂 so we have to create robots.txt file in our website directory
What is the robots.txt file?
Robots txt file specially made for robots means website crawler when robot or crawler come to visit our website they first check robots.txt file
We can instruct robots using robots.txt file for example if we don’t want to index any file or folder then we can use robots.txt file so robots will not index that file or folder 🙂
How to secure WordPress website with robots.txt?
Yes, My friend, we can secure our website with robots.txt file because as above I already mentioned that hacker use our website directory to find vulnerable plugins and theme so simple we can disable robots access to our theme and plugins directory using robots.txt file
First, we need to create robots.txt file
- Go to File manager > Public_html folder and create robots.txt file
2. Paste the following code and save it
User-agent: Googlebot
Disallow: /cgi-bin/*
Disallow: /wp-admin/*
Disallow: /wp-content/plugins/*
Disallow: /wp-content/themes/*
Disallow: /wp-includes/*
Allow: /
After creating robots.txt file you can test your file using google robot testing tool
How to disable directory access with .htaccess file?
Sometimes hackers try to access our theme and plugin directory with browser or any software so we can easily disable access so our WordPress website is more secure 🙂
- First, we have to open the file manager and go to the public_html/wp-content folder and create a .htaccess file
2. Add the following line to your .htaccess file.
Options -Indexes
Tips:-
> Do not use nulled themes from any unknown website
> Keep your WordPress plugins and themes up to date
You can also use third-party software like cPguard or Pyxsoft to protect your website from hackers
Hostkarle also offers web hosting with cPguard so your website is more protected from hackers if you are using Hostkarle Web Hosting Service We don’t promote our hosting here we just inform you that you can use secure website hosting to give better security to your WordPress website.
Hello sir,
I have read your article we all must fill our robot.txt file and disallow these bots
Hey hostkarle blog ,
Great post with effective wordpress security tips without using plugin.
It is my first time commenting on your blog post and i must say that you have done a fantastic work and suggested great tips to secure the wordpress site from hackers.
WordPress is a popular blogging platform with millions of user worldwide, as this platform allows the user to create quality content and doing other task, hence securing the wordpress site from hackers is truly crucial.
I really like an idea of securing the wordpress site using robots.txt file. Your each of the suggested steps to create robots.txt file and steps to disable directory access with .htaccess file are so clear, easy to understand and follow, whereas following these steps will be helpful for users.
Truly helpful post and thanks for sharing.
really useful.