PROTECTION OF IDENTITY FOR ADMINISTRATORS

At first glance, identity theft doesn't seem to have much to do WordPress common, but if the topic is given a little more attention, it can quickly be seen that administrators are also affected. It does not matter whether it is a matter of responsibility towards user data or one's own data that needs to be protected.
Protecting your identity as an administrator

Protecting the identity for administrators

In order to protect the identity as an administrator, attention should always be paid to one's own data as well as individual surfing behavior. Although it is old hat, it should always be avoided to use the same password on different websites and to avoid using a password that can be easily cracked. Furthermore, it should be noted that although protecting your own computer is a very important factor in the protection strategy, this alone is not enough. It may make sense to store your phone contact or other contact information with the various services, as long as the service uses such notification channels to alert you to potential threats. Since administrators are responsible for what happens to user data, administrators should be aware of the security of the website and consider the security of the web server. While some rented web servers have little influence on the issue of security, the energy saved in this way should be used to keep your own user accounts as secure as possible, because with just a few mouse clicks it can happen that the site and thus also the user data can be viewed by unauthorized third parties.

More data security - How it works

As an administrator, it is extremely useful to hide the WordPress page behind WordPress, because if nobody knows .
that the page is a WordPress installation, then nobody knows how it can be hacked.
Since every backend of every WordPress site is accessible via the /wp-admin link, hackers have the ability to identify a WordPress site using this accessibility. To prevent this, the permalink to the WordPress backend should be changed. Since this setting is not provided by WordPress, it has to be added via a plug-in. Often, vulnerabilities are not included in the WordPress instance, but are installed via plug-ins and themes. Since the themes and plug-ins are always in the same folder structure, it's easy for hackers to track down the names of the themes and plug-ins, and thus also to evaluate the site as vulnerable or not. In addition, the permalinks for feeds, authors and other common post types should be changed, as these are also a clear sign of a WordPress installation. There are several ways to change the permalinks, and this feature is also provided by WordPress. With several thousand lines of code and documentation, it often happens that the term "WordPress" is used. For example, the phrase "Powered by WordPress" often appears in the footer of the page, which is also a clear sign of a WordPress installation. Certain premium plug-ins, in addition to the functions of hiding the identity of WordPress, also offer a Firewall which enables further security measures such as protection against SQL injections or brutal forces.

Current articles