How To Secure Your WordPress Site
-
Update WordPress to its latest version. If you installed your Wordpress via your Servage account, this can easily be done via the application installer.
-
Update all themes to their latest version.
-
Hide admin URL using plugins like WPS Hide Login
-
Use captcha on contact forms
-
Delete unused plugins, themes
-
Scan all files for malware and virus.
-
Use security plugin like WordFence or Sucuri security plugin.
-
To block IP from accesing your site/WordPress you can use this code in .htaccess:
<Files wp-login.php>
order deny,allow
allow from xxx.xxx.xxx.xxx
deny from all
</Files>
Replace xxx.xxx.xxx.xxx with the IP you wish to block.