Protecting Your Website from Hacking
Basic Rules
- Use strong passwords for cPanel, FTP, and database
- Regularly update your CMS, themes, and plugins
- Remove unused plugins and themes
- Enable two-factor authentication in billing
WordPress Security
- Install Wordfence or Sucuri plugin
- Change the default /wp-admin login URL
- Limit login attempts
- Disable XML-RPC if not needed