security

WordPress Security: Change Admin Username

September 7th, 2014

Whenever you’re setting up your WordPress website, the default username is always admin. In the excitement of getting started we ignore making any changes to the username and complete the installation. Unfortunately, this makes it easier for a Hacker to run a brute force attack as he now only needs to work on finding the password to get to your website’s admin dashboard. If you’ve committed this innocent mistake then it’s time to rectify it for the safety of your own WordPress website.

How to change WordPress ADMIN username

  • First you need to login to your website’s admin dashboard.
  • Hover over Users [left hand menu] and click on Add New.
  • You will need to fill in all the fields that include username, email, first name; last name, password etc [Choose a good username and a strong password]. Before clicking on Add New User don’t forget to change the role to Administrator.
  • You will now find the new user created in the Users section. You’ll then need to logout from the admin dashboard.
  • Now login again into your Admin dashboard with the new username and password.
  • Click on Users on the left the hand Menu and then click on Delete just below the old admin user. *We recommend taking a backup of your WordPress Website before you delete the old admin user*
  • You will now be taken to a screen where you will need to attribute all posts of the old user to the new one that you just created. Ensure you check the radio button Attribute all posts to and then select the new username from the dropdown Then click on Confirm deletion button. [If you don’t do this correctly, all posts that were attributed to the old username will be lost.]
  • You will now see that the old user has been deleted.

That’s how simple it is to fortify your WordPress security from a Brute force attack. Hackers will now have a tough time trying to guess the username and the password of your website.

Security tips for your Joomla website

August 20th, 2014

Website security has become the talk of the internet. With security loopholes discovered almost every other day, we know you’re concerned about your website. We recently shared a few easy ways to secure a  Drupal website and this time we want to talk about a few tips to secure your Joomla website.

Tips to secure your Joomla website

1] Updates: Your Joomla website and the supporting extensions should always be updated. Updates add more features or a security patch which is essential for your website in order to block any possible loop holes. These updates are generally very easy to install and won’t take much of your time. Think about this, it’s easy to update your website and it’s components than to figure what caused your website to crash and rebuild it again. Remember to take a backup before you apply the updates.

2] Delete unwanted extensions: Keep only those extensions that are required for your website, the rest need to be deleted. Many beginners tend to try a lot of extensions to see how it will help them with their website. Only a few extensions end up actually giving value to the website, the rest are just lying there with absolutely no additional benefit to the website. They simply take up your hosting space and can also become a potential threat to your website if they are not regularly maintained (updated).

3] Use strong login details: We are all aware that we need to set up strong passwords to secure the login page but we also need to setup an equally strong user name. The default usernames are generally ‘admin’ or ’administrator’ which are vulnerable to brute force attacks. Think of usernames as passwords and make it strong and not easy to guess. This way you’re adding another barrier for an attack on your website’s login gateway.

4] Setup right permissions: A very important tip to secure a Joomla website is setting up correct permissions for your website’s files and folders. We recommend setting the permissions of the folders to 755 and the files to 644. If you’re not aware on how to make changes to the permissions then you can check out this blog post.  Never use 777 for either your files or folders as this gives read, write and execute rights to everyone.

5] Security extensions: If you need an easy solution to take care of your website’s security then you can utilize one of the many security extensions available. You can try jSecure security extension, which covers a lot of security features that you will need to secure your Joomla website.

These tips should be good enough to give you a head start in securing your website. We would love to know of any security tips that have worked like a charm for you. Don’t forget to share them by leaving a comment below.

Three easy ways to secure your Drupal website

August 9th, 2014

Website hacking is on the rise and thousands of websites are becoming victims each day. You may be running your website on WordPress, Drupal or any other Content Management System but the risk of being hacked is almost the same for all. We are here today to share with you 4 very easy ways that will help you secure your Drupal website.

Three ways to secure your Drupal Website

1] Did you know that you could actually limit the number of login attempts to your account? Brute force attacks are common these days and the only way in, is through the login page. You can use a module called Login Security to temporarily or permanently ban IP addresses that are attempting a brute force attack on your website.

2] You need to enable auto logout for all the users of your Drupal website. Incase if your laptop gets stolen and you are still logged in then they can mess up your entire site. You can check out the module Automated Logout which will log out users after a specific amount of time.

3] Finally you need to update the Drupal core and all modules that are supporting your Drupal website. This will ensure that the any vulnerability with the older versions is taken care of. We recommend that you always take a backup before performing any update.

We do agree that there are more complex ways to strengthen the security of your Drupal website, but think of this as the basics which have to be done. You can start by setting up strong alpha numeric passwords for all your website users. Sometimes the biggest of the issues arise due to the smallest of the problems hence all precaution measures need to be taken.

Do leave a comment below if you have any crucial ways to secure a Drupal website.