Would you like to win a Design by Humans t-shirt?
Powered by MaxBlogPress 

Would you like to get paid for signing up for a web hosting plan with Bluehost.com?
Powered by MaxBlogPress 

Securing your WordPress installation

Posted on February 3, 2008
Filed Under Wordpress |

If you've enjoyed reading this post then please subscribe to my Full Text RSS Feed.

WordPress
My blog was recently hacked through an unsecured plug-in, WP-Forum. Since the incident, I noticed a lot of other WordPress blogs were also hacked. I decided to do some research to learn how to secure my WordPress installation and I came across a very useful WordPress security whitepaper that you can download from blogsecurity.net for free. It is technical but I recommend that anyone who owns a WordPress blog to read it because there are quite a lot of useful information that you can implement on your blog and secure it from hackers.


What is in the whitepaper?

  • How to change your WP Table prefix
  • How to change your admin username and creating a new limited access user
  • A whole section on hardening your WP install
  • Must have plugins to secure your WP install such as WPIDS - to detect intrusions, WP plugin tracker and WP online security scanner.




    • Other posts that might interest you:

    Tips from Matt Cutts to protect WordPress installation
    Upgrade to WordPress 2.3.2 to fix urgent security flaw
    Web site hacked

    Sphere: Related Content

    Other Related Posts:

  • Tips from Matt Cutts to protect WordPress installation
  • Psychic Search WordPress plugin
  • Web site hacked
  • WordPress spam-fighting plugin
  • WordPress for iPhone


    • If you've enjoyed reading this post then why not subscribe to received updates by email.

    Enter your email address:

    Delivered by FeedBurner

    Email This Post Email This Post

    Trackback This Post

    Comments

    2 Responses to “Securing your WordPress installation”

    1. Chan Chiew on February 5th, 2008 3:10 am

      Just to share on my experience as a web administrator:
      Been running website using Joomla almost 3years; have not experience any hack to all my sites till now…

      Current site on Joomla:
      http://www.caring2u.com.my
      http://caring2u.com.my/rx/
      (with forum module for pharmacists)
      http://www.pharmd.com.my

      &

      http://pharmd.com.my/lspj87/

    2. Lloyd Lopez on February 12th, 2008 6:17 am

      In addition on making sure that the WP files are updated and changing the password on a regular basis, I also use Login LockDown plugin for wordpress.

      It adds some extra security to WordPress by restricting the rate at which failed logins can be re-attempted from a given IP range.

    Leave a Reply