Hello there Everybody. This is Katrina and I want to create a quick video in response to a post I simply saw on Techcrunch reporting that hackers are pointing a large botnet at WordPress sites to take the admin passwords and gain server access. So this caution is addressed to anybody with a WordPress site that also has a username called “admin”. So “admin” is the username, the default username of all WordPress sites and it’s the first username that hackers will try to use when they’re trying to break into your website. And we see that occurring now. So I wish to show you in this video how to change your username from “admin” to something else so that you can secure your site. So let’s get started. So here we are on the WordPress login screen and I have this username called “admin”. I need to alter that for website security so this is how I’m going to do it.
The initial step is you want to visit to your WordPress site as “admin” if admin is your username. So I’m going to log in right now as “admin”. When you log in to your WordPress site you’ll see the Dashboard. On the left-hand side you wish to click the link here that says “users”. So I’m going to proceed and click on “users”. And then you want to add a new user. You can either add a new user by clicking on “Include New” at the top, or you can click on “Include New” under Users in the left-hand sidebar.
I’m going to click “Add New” at the top here. Then on the “Include New User” screen, you wish to offer your brand-new user an unique username and a strong password. Once you have actually given your new user a username, an e-mail, and a strong password, the next action is here where it says “Function”, you wish to ensure you provide this new user “Administrator” benefits. So I’m going to click Customer, and after that I’m going to Administrator right here. So now this brand-new user is established to have administrator benefits. The last step here to produce the new user, is you wish to click on the “Add New User” button below. Okay excellent. So now we have two users for our WordPress website: the original “admin” user which we’re logged into today, along with a new user which I’ve simply produced. The next action is to log out as “admin”.
So I’m going to go to go to the top right hand side and log out as “admin”. Then I wish to log back in as the brand-new user. So I just produced a new user with a username and a password. So you wish to include the new username and password in the login screen of your WordPress site. So here I have my username and password.
You can click on “remember me” to remember this for the next time you log in. This will be your brand-new username moving forward. And after that you want to click login to login as your new username. So I’m going to click on “log in” here. Now here we are on the Dashboard but this time we’re visited as the brand-new user.
So what we need to do now is delete the user called “admin”. So I’m going to return to users by clicking the lefthand sidebar. And after that we see the two users, both of which have administrator opportunities for your WordPress website. So we have to erase the admin one so I’m going to click the delete link here when I hover over admin and click erase. And the next action is we want to ensure we associate all posts to the new user. So if you have a great deal of article that have been created with the admin username, then you wish to make certain you click on “quality all posts to”, and make certain that your brand-new user is picked here in this fall box. Next you want to click validate removal to verify removal of the admin username.
Okay, user has been deleted. So now we see that the only username for the WordPress site is the username that you simply created here in the user screen. So that’s how you alter your username from admin to something that is more unique and is much better for your WordPress website security. There’s two other things I want to point out related to WordPress site security. Number one are updates. You can take a look at your updates by going to the lefthand sidebar, clicking Dashboard, and then you wish to click updates underneath where it says Control panel.
So I”m going to click on updates right now. And here we see I have the most recent version of WordPress which at the moment of this recording is 3.5.1. And I have the most recent plugins and themes set up. When you concern this page, if you have any updates that are required it’s a great idea to upgrade them, so you might wish to inspect this page out also. Now when you go to upgrade your WordPress variation, WordPress will trigger you to do a backup, to make sure you have a backup before you install the new version. That is due to the fact that sometimes there might be a conflict with your theme if you are installing a brand-new version. So do ensure you back up your WordPress website prior to you do any WordPress version updates. The second thing I want to explain related to WordPress website security are plugins that you can contribute to help reinforce the security on your website and aid protect your site.
So 2 plugins I suggest, there are numerous plugins out there to choose from, but two that are recommended consist of Limitation Login Attempts, which as it discusses, it restricts the rate of login efforts for each IP, it’s fully personalized. And as it notes here, WordPress enables unlimited login attempts either through the login page or by sending unique cookies which enables passwords to be brute-forced broken with relative ease.
So with this plugin internet addresses will be obstructed from making more than whatever number of attempts you specify when you configure this plugin. So this is an excellent plugin to think about to assist safeguard your site. Another plugin to consider is Wordfence, which as it keeps in mind here, Wordfence is a capitalism class security plugin that consists of a firewall program, virus scanning, real-time traffic with geolocation and more. So you can learn more about functions of this plugin. We keep in mind here that it does state Wordfence includes a firewall software to obstruct common security hazards like phony Googlebots, destructive scans from hackers and botnets. So that is a good thing. Looking at some of the information of Wordfence we see that it has been downloaded over 300,000 times and it was last updated March 21, 2013. It’s compatible up to WordPress 3.5.1.
To set up either of these WordPress security plugins or some other sort of WordPress security plugin, you want to go to the lefthand sidebar, hover over plugins and click on add brand-new. Then in the search field you wish to add the name of the plugin you are searching for. So I’m going to add Wordfence so I’m going to add Wordfence in the search field. Then I’m going to click search plugins to look for this plugin. Here we see Wordfence Security is at the leading so I’m going to click on set up now to set up Wordfence.
Are you sure you want to install this plugin? Yes, alright. And once the plugin has actually been successfully installed you want to click on activate plugin to trigger the plugin. Okay so Wordfence has actually been triggered, we see a little note here. And now when you look at the left sidebar of your WordPress control panel you’ll see a new link that says Wordfence. So I’m going to click Wordfence here on the lefthand sidebar. And here we see at the top you can start a Wordfence scan. So I’m going to click on this to begin a Wordfence scan to scan the site. And when the scan is complete you’ll have a not here that says Scan Total, and you’ll have a message on the lefthand side.
In my case here it states scan complete, congratulations, there were no problems found, and when I scroll down, here once again it states New Issues, and if you have any issues associated with your site they will appear right here. However as we see, congratulations it states, I have no security problems, so I ready to go. So there you go, three methods to secure your WordPress site. Top, the best ways to alter your username from admin to a more distinct username. Number two, where to take a look at updates that might be required on your site or with your plugins or styles. And number three, two plugins that you can consider setting up to assist safeguard your site. So I hope this video was handy and if it was handy feel free to show your pals to help protect their WordPress website as well. Likewise, be sure to sign up for the channel for upcoming videos I will be publishing on the channel.
As found on Youtube