Under the title WordPress is insecure 😮😮😮 Many of us hear that WordPress is not secure, and I've been hearing it a lot lately, but actually this depends on the person who started the site, this is a set of mistakes that you must avoid while creating the site 👇🏻💻. There are many ways to protect your site, whether by using WAF, CDN, hiding the directorate...etc, but today I'm talking about the basic errors, which are actually quite common 🛠.

 1- Do not change the link to the login page for the admin 💻: When you install WordPress, the login link is the default link and is like this: www. YourSite.com/wp-admin This link must be changed to any other link to prevent unauthorized persons from accessing it.

 2- Not using SSL for the site 💻: It helps you to protect and encrypt important data such as secret numbers, credit cards and personal information entered through your site. ?

3- Do not change the username of the admin 💻: When you install WordPress, an admin is created on the site and the username is admin. If the username is not changed, people may try to guess the password and start attacks based on that.

4- Using easy passwords 💻: There are many tools that can sometimes extract user names on the site through some mistakes made by site managers.. If the names of users are known, the hacker can start attacks like point No. 3.

5- Do not use WAF 💻: WAF is an acronym for Web Application Firewall, which is the firewall that protects your site from any attacks and confronts hackers and its presence is important.

 6- Using bad hosting 💻: The advantages of hosting differ from one hosting to another, some of them provide you with daily backups, to restore your site if any breach occurs. Some hosts offer free SSL. And other features such as SSH, FTP, and others.

7- Not giving the appropriate powers to users 💻: Many sites give users high powers, and really a person only needs to edit articles or change simple modifications. ?

8- Using Unreliable Plugins or Themes 💻: When using Unreliable Plugins or Themes, this may cause problems with your site and hacks. Tools and other must be checked that they are sound and do not conflict with any other things on the site. ?

9- Not activating dual verification 💻: When you activate dual verification, you protect your site greatly, even if the password and username are known, the hacker can only enter using 2FA.

10- Not updating WordPress, Plugins and Themes 💻: You must update constantly, because most updates come because there are some gaps in previous versions, so an update is issued to protect sites from them.