news Is WordPress a safe platform for domain blogs?

[News]

Is WordPress safe “out of the box” for domain blogs, and blogs in general?

It’s a good idea to password-protect your WordPress admin folder, adding an extra layer of user authentication. This method would protect against malicious brute force attacks, as long as the username/password pair are complex.

Keeping WordPress plugins up to date is important. At the same time, do not install plugins that aren’t used by thousands of other users already, and always check the feedback section at WordPress.org for any instances of shady behavior.

Read More

 

[Steven McEvoy]

What makes WP safe is the extra security plugins, you can add. As a WP blog owner you should always change the admin username(DO NOT USE ADMIN), and you password should be at least 10 char long. That right there is a pretty secure website. Now WP provides lots of plugins many programmers have created to add one some extra security!

Good Read!

 

[Tia Wood]

And it's open source which means people are catching bugs and patching all the time. Love WordPress.

 

[deez007]

I use WordFence on all my Wordpress sites.... it's a free plugin and it works amazingly well... you can refine the login criteria properly and lock the site down. I set it up so that even just one unsuccessful login and the IP gets kicked out and banned

 

[Martin Scurry]

wordpress is safe and most coustimizable software in market for blog.

 

[carob]

WordPress itself is self-updating, and if you turned that feature off, make sure you enable it again.

Not exactly - only for minor updates like 4.7.2 to 4.7.3.

For 4.7 to 4.8, for example, you have to do it yourself or edit some code to make that automatic.

 

[Kate]

The WP core is rather safe and stable. Problems are usually found in third-party plugins. Some are poorly coded and allow trivial SQL injections. I advise that you review the code before you install anything. While some bugs are subtle and hard to find, poor coding is rather visible

 

[mpls]

Don't forget to hide your admin area (it's usually /wp-admin). Change it with /whatyouwant.
Second, add this .htaccess firewall rules to your .htacess file (if your site runs on Apache):
https://perishablepress.com/6g/
At the end I can assure wp core is secure, and as mentioned before open source software is always more secure than close source.

 

[Cdomains]

As a developer, I have developed WP sites.

Back in the day WP was more of a blogging platform and I was developing websites, so I used Joomla for client sites.

Still do.

Remember the days when Apple products were immune to malware?

Now they are vulnerable just like PC's

Well WP is the biggest platform for websites now and is constantly attacked.

I am not saying Joomla is not attacked, but it is nothing like what happens to WP sites.

I have systems setup on my Joomla sites to record attacks and I can honestly say that 99.9% of the attacks I catch have code aimed at WP and have no effect on Joomla sites they randomly attack.

I may be biased, but I think Joomla is underrated and is a great option for building sites, and it is more secure than WP because it is targeted less.

 

[hostechsupport]

Yes, WordPress is indeed a safe platform for blogs.Just follow the steps below:
1. Create user account & delete admin
2. Always try to use a strong password
3. Create own bot firewall
4. Disallow the plugins
5. Activate secured plugins
6. Follow Google Webmaster tools
7. Always Upgrade your WordPress to new version
8. Auto set backup plugins

I hope this will help you.
Thank you