Security in WordPress is an absolute necessity . Your WordPress site might be hacked some security issues may arise. Wordpress websites are most love target for hackers .
Nobody can make a side perfectly secured.  This thing is impractical or difficult to achieve. Be that as it may one can, at any rate, reduce the rich by applying different securities efforts.  with this article, you will have the capacity to keep your side generally safe.



To protect your side and your viewer's data following measures be
received. these means want to eliminate the security risk but surely limit the Risks.


1. Choosing a host
2. strong password
3. don't use the adminas username
4. 2  step login  authentication
5 . limit number of the login attempt
6.  disable login hints
7.  change login page URL
8. trusted theme and plugins
9. use SSL
10.  use WordPress security keys
11. keep WP updated
12.  keep it clean
13.  disable trackbacks.


choosing a host:

choose a reputable and solid host for your site. try not to go for a cheap one.
you are hosting company effects you are site security in a great way. there are many host provider who uses outdated software. outdated software does not guarantee future security regardless of the possibility that there was no issue previously.
look for the following features for choosing a host : 



Attack monitoring and preventions update their software should be able to isolate sites which are hacked to prevent other sites on a shared server.





                                    * WHAT IS GDPR ?

                                    * Why is a SSD hosting better then HDD hosting?



                                    * 4  Facts You Need to Know About WordPress 

Picking strong password :

Choose an unpredictable password for your safety. simply take after three things (Complex, long and unique ) while choosing a password version 2.5 or more have the password strength indicator for your assistance to recognize whether your password is a sufficiently strong or not.

Keep the following point in mind : 

#Use of fresh and unique password
#use a mixture of Capital and small letters, symbols, and numbers.
# Avoid common information about you like a mobile number anniversaries or birthdays.
# keep it long for at least 10 characters.
# Try to have a password which does not make any meaning or sense.
# change your password frequently.

Don't use admin As a username :

Wordpress as administrator as the default username. being the default it is the most well-known username and thus really easily crack it.  At the point when people begin using WordPress, particularly for the first time they stick to the administrators as the username.  will make a somewhat harder for the hacker to crack it.

To change the username:

Create a new user by clicking on users> New
delete the previous admin user.
while deleting it, WordPress will ask you to do what to do"  with the content of this user and you have options either.
to delete the complete content or assign it to the new user.

2 Step login authentication :

Two-step login verification( otherwise called  2FA) add more security to your login page it requires a verification code that must be watered throw a throw a mobile message to sign into your account.



There are some plugins available for 2FA.

Limit number of login attempt:

For the most part login pages are attacked by the hackers the hackers by the hackers .they may attack various circumstances for the correct username and password. Despite the fact that their attempt might be a success but the quantity of a attend they made expand a tremendous measure of server memory. because of these, your side mein slow down. on a mutual server, this will affect your site and also neighboring site.



one answer for this is to restrict the number of login attempts. there are some plugins available for this like Jetpack.

Disable login hint :

At whatever. You're right or wrong password or username, you will get a clue Expressing you that either your username or password is incorrect.
It is an exceptionally helpful data for the hackers that is the reason login indication should be disabled for a WordPress site.

Change login page Url :

hackers for the most part login on the login page. on the off chance that you will hide your login page from the hackers, it will expand your site security all great extent.
This should be possible be possible by changing the login page URL with hideaway login plugin login plugin. there are additional is some different plugins available for this.
 they basically capture page demands and makes a wp-admin directory and wp-login directory and wp-login wp-admin directory and wp-login.PHP pages out of reach. you need to remember the new login page set during the activation of the plugin.

Trusted themes and plugins :

Plugins and themes are dependable in a suspect when they are not kept up or refresher. Before downloading a plugin
or theme, check its reviews and comments, greater is a response or not and whether it is free or paid. Before downloading a plugin or theme, do, do a backup of your side and theme.

Use SSL :

SSL stands for secure socket layer .it turn the HTTP to https. it is important on the page containing sensitive data. it is an additional layer of
.
it scrambles your site data into a mixture a frame, so when this data makes a trip from your server to a browser, it is in a mixture of organized and does not make well.  at the browsers and, the private key is used which makes the data readable.

Wordpress security keys :
   
      open a WP counselling dot dot PHP file go to the line authentication unique key and salts used and online automatic key generator tool replace exciting set of keys in a WP config.php file from online tool key and save it you can repeat this process at a fixed time duration period whenever you will try to change passwords user will log out from their user will log out from their account automatically.

Use secure Ftp(SeTp) :

A file transfer protocol is a used to convey data from your site to your to your host data from your site to your to your host when you make a few changes or update information to your site FTP connection expand the odds for catching information while step incredibly reduces it.

Keep up updated :

‌The best security for your site is to update it regularly updating every one of your files to the latest version increase the security of your Wordpress site .from form 3.7 WordPress automatically gets updated.  however, files themes and plugins should be updated by means of your dashboard or FTP.
keep it clean :
‌ always remove unused themes and plugins from your site as they may bring some security issues since they have not been updated since quite a while since quite a while.  always keep your website clean.

Disable Trackbacks:

Trackbacks advise that your website your website that your website content got a connected up with another site page.
through trackbacks, hackers can attack your site.
so for another WordPress site, disable this future by clicking on setting > Discussions  Uncheck the "allow interface notification from different sites" option.