Many WordPress webmasters are quite vigilant when it comes to securing their sites against hack attacks. Knowing how to keep your WordPress code secure is important but not the only thing you need to worry about. You should also take time to address other security issues that your server may be suffering from. For instance, you should not allow everyone to have access to your cPanel account. That is pretty easy to fix if you know your way around your Web Host Manager software.
To get started, visit the Security Center page and click on the Configure Security Policies option. If you do not want unverified IPs to have access to your cPanel, you should enable the Limit logins to verified IP Addresses option. That’s only one part of the process. Don’t forget to visit Security Questions to add the IP addresses you would like to have access to your admin pages. I do encourage you to set up challenging security questions for unrecognized visitors.
The above steps require users to answer a few security questions when they are trying to log on from an unrecognized computer. You can impose further restrictions by taking advantage of the Host Access Control interface. Just choose the service you want to block by IP, enter your IP addresses, and choose the action you would like to take. The good news is you can get a list of services to restrict by IP by typing a couple of letters. If you are planning to use both allow and deny actions, make sure you enter your “allow rules” first.
You should take the same approach with other services you are running on your server regardless of how much time you have spent to harden WordPress. Hackers don’t always rely on basic tactics to get around your defenses.