1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wordpress Security!

Discussion in 'Blogging' started by drsolution, Aug 8, 2010.

  1. drsolution

    drsolution Newbie

    Joined:
    Jun 27, 2010
    Messages:
    11
    Likes Received:
    3
    Gender:
    Male
    Occupation:
    Dentist
    Location:
    South Dakota
    Hey, I looked and searched but nada...

    Question is, What are the best things that need to be done to protect WP blogs from hackers?

    You get hacked and it cost money and TIME and rankings etc...
    There are even youtube vids which tell you how to hack a site!

    I saw this link:

    which has some good vids and he is selling WP defender...
    Good vids which made me think..
    Anyone???
     
  2. blackheader

    blackheader Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 3, 2010
    Messages:
    282
    Likes Received:
    288
    Have a look at this site.. There are some really great plugins described that can protect your blog from being hacked:

     
    • Thanks Thanks x 2
  3. radicalseo2

    radicalseo2 Newbie

    Joined:
    Jun 24, 2010
    Messages:
    49
    Likes Received:
    12
    There are several things you need to do, it actually begins right before the installation by selecting a different Wordpress database prefix.

    Other options include removing the admin user (after you have created a new user with admin rights, protected directories with blank index.htm to avoid browsing, making sure the rights are set correctly for the Wordpress directories and files, making sure you select a very secure password, making sure Wordpress and all plugins are always up to date and so on. There is lots to do, here are some links to get you going:

    http://www.noupe.com/how-tos/wordpress-security-tips-and-hacks.html
    http://codex.wordpress.org/Hardening_WordPress
    http://www.problogdesign.com/wordpress/11-best-ways-to-improve-wordpress-security/
    http://www.smashingmagazine.com/2010/07/01/10-useful-wordpress-security-tweaks/

    good luck.
     
    • Thanks Thanks x 1
  4. damagen

    damagen Newbie

    Joined:
    Mar 17, 2010
    Messages:
    40
    Likes Received:
    2
    for sure your site is in safe, daily check wp and update
     
  5. someguy

    someguy Registered Member

    Joined:
    Sep 17, 2008
    Messages:
    75
    Likes Received:
    35
    1. Check your file and directory permissions (try not to use 777)
    2. Use .htaccess password protection at /wp-admin/
    3. Secure username and password
    4. Remove sourcecode Wordpress footprints or at least the version number.
    5. Make frequent SQL database backups to a different hoster.
    6. Block malicous IP-ranges with the htaccess.
    7. Look at logs / statistics for strange user behaviour and scans.
    8. Always update
    9. Check the sourcecode of plugins
    10. Do not use plugins / themes with obfuscated / encoded code.
    11. Manually check for intrusion points (seach function, dynamic function, 404-page, error page, php-errors, logs...)
    12. Use WP Security Scan Plugin at
    Code:
    http://semperfiwebdesign.com/plugins/wp-security-scan/
    13. Do not give out your username or password.

    Good luck! :)
     
    • Thanks Thanks x 1
    Last edited: Aug 9, 2010
  6. drsolution

    drsolution Newbie

    Joined:
    Jun 27, 2010
    Messages:
    11
    Likes Received:
    3
    Gender:
    Male
    Occupation:
    Dentist
    Location:
    South Dakota
    Hi and THANKS for the info!
    That really helps!
    If one does this, I would think a would be hacker would just go somewhere else as this would be too much trouble and other sites would be much easier...