1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Suggestion for Better WordPress Security Guarantee

Discussion in 'Black Hat SEO' started by Jason H, Dec 2, 2012.

  1. Jason H

    Jason H Registered Member

    Joined:
    Jul 13, 2011
    Messages:
    86
    Likes Received:
    12
    Hey,

    I thought I share this regarding how to make your WordPress make secure. I use all of these to help sleep better knowing my sites are safe and secure.

    First things, you need these plugins now:

    Secure WordPress - basic security
    Limited Login Attempts - stops the number of forced login so they're locked out
    WordPress Firewall 2 - basic security
    WordPress Secruity Scan - basic secruity
    Lockdown WP Admin - this is a great unique plugin I'm surprised nobody ever mentions that hides your "wp-admin" and change it to anyway you like wwwsite.com/whateveryouwant so that way delinquents won't attempt to force-login into your site on your wp-admin screen...if they can't even find it in the first place.

    Also, have "SI CAPTCHA Anti-Spam" this way not only it protects you from spam, but under the option you can "enable CAPTCHA on login wp-admin page". this makes it more difficult for bot and harder for delinquents to attempt force login...now with limited-login attempt and if they even find your login-page in the first place with Lockdown WP-admin. for rock solid secrutiy.

    If anybody else has other advice, please share.
     
    • Thanks Thanks x 4
  2. audioguy

    audioguy Power Member

    Joined:
    Jun 12, 2010
    Messages:
    609
    Likes Received:
    224
    Location:
    Anywhere in the world building WP sites.
    WordPress is just an app. There are many other things you have little or no control of. For instance, where do you host? Do they make sure PHP, Apache, MySQL and other stuff secure all the time?
     
  3. jimscott89

    jimscott89 Registered Member

    Joined:
    Dec 10, 2011
    Messages:
    69
    Likes Received:
    5
    i don't know exactly friend..
     
  4. terrycody

    terrycody Senior Member

    Joined:
    Sep 29, 2012
    Messages:
    833
    Likes Received:
    193
    Occupation:
    marketer
    Location:
    Hell
    bulletproof would be a good choice though im not using it
     
  5. Jason H

    Jason H Registered Member

    Joined:
    Jul 13, 2011
    Messages:
    86
    Likes Received:
    12

    I never tried using Bulletproof, I honestly found it too bulky and wasn't sure if I needed all that when have these other plugins, but it's all-in-one and the only secruity plugin i need to make up for all these other ones, i'll install bulletproof and uninstall some of hte other ones.

    True, is I'm not really sure what it really does and if it protects all the secruity loopholes
     
  6. intrepid

    intrepid Regular Member

    Joined:
    Jun 27, 2011
    Messages:
    318
    Likes Received:
    47
    I use the first 2 plugins plus Cloudflare to prevent DDOS. And add comments to .htaccess file.
     
  7. Foxy999

    Foxy999 Newbie

    Joined:
    Dec 30, 2012
    Messages:
    49
    Likes Received:
    4
    Wordpress Plugins to Secure Wordpress.. The plugins themselves can be the root of your problems. Wordpress, especially it's plugins, are widely exploited.

    PHP programming is what you would need to learn to be able secure / modify the original code. The problem is that the source code for all the Wordpress / Wordpress plugins you use are open to the public, and this is what makes hacking php applications 1,000 times easier..

    Here is one simple way to evade hackers:

    There are tons of public exploits for Wordpress and plugins for Wordpress. The public exploits for Wordpress and it's plugins usually only affect certain versions. One way for an attacker to view what version you are running is to view the wordpress/readme.html file.

    Or you can hire me to check out your php webapps for you, I have a service on fiverr.

    Foxyy
     
  8. irmscher

    irmscher Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 18, 2011
    Messages:
    659
    Likes Received:
    128
    Cloudflare is what you are looking for, there are few Wordpress plugins that simplify the connection process. However Wordpress is not the most secure CMS out there, if you are very much into good security CMS you'll be better off with Drupal or Elxis
     
    Last edited: Jan 19, 2013