WordPress has been installed. The installation process is complete. Finally I’ve gone international with my website. I’m going to customize options and personalize my theme. But before I go ahead, WordPress needs to be secured, just a little.

First-time Security Steps

Here is a short and undetailed list of WordPress security steps:

• change the default admin password (I know it’s a random string, but there is a copy on your e-mail)
• create a new user, assign it the administrator role and log out
• log in to wp-admin using the new user, and delete the default admin user
• choose a strong password
• visit https://api.wordpress.org/secret-key/1.1/ and edit your wp-config.php file
• install WP Security Scan plugin
• install Secure WordPress plugin
• install Login LockDown plugin
• plan (and execute) regular backups, both for files and database
• keep WordPress and plugins updated