1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Wordpress Security

Discussion in 'Blogging' started by mahaliking901, Dec 17, 2011.

  1. mahaliking901

    mahaliking901 Newbie

    Joined:
    Dec 16, 2011
    Messages:
    28
    Likes Received:
    2
    Hi there,

    I want to know how to have wordpress security..

    what are the plugins or safety measure to use.
     
  2. IamBlackhatter

    IamBlackhatter Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 26, 2011
    Messages:
    2,537
    Likes Received:
    1,458
    Gender:
    Male
    Occupation:
    Software Developer
    Location:
    india
    For security purpose you can backup your wp sites with backup plugins such as EZPZ one click backup,backupwordpress,backupbuddy,easybackup etc..
     
  3. mahaliking901

    mahaliking901 Newbie

    Joined:
    Dec 16, 2011
    Messages:
    28
    Likes Received:
    2

    I know that what I mean for security so that it will not hack...
     
  4. IamBlackhatter

    IamBlackhatter Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 26, 2011
    Messages:
    2,537
    Likes Received:
    1,458
    Gender:
    Male
    Occupation:
    Software Developer
    Location:
    india
    use wp firewall
     
  5. download

    download Jr. VIP Jr. VIP Premium Member

    Joined:
    May 4, 2010
    Messages:
    1,271
    Likes Received:
    712
    Location:
    USA
    I use Bulletproof Security and Secure Wordpress.
     
  6. ronegraT

    ronegraT Power Member

    Joined:
    Dec 29, 2010
    Messages:
    620
    Likes Received:
    101
    Occupation:
    sleeping
    Location:
    Sweden
  7. sohping

    sohping Newbie

    Joined:
    Dec 18, 2011
    Messages:
    25
    Likes Received:
    2

    thanks
     
  8. willywonka

    willywonka Registered Member

    Joined:
    Jan 9, 2010
    Messages:
    76
    Likes Received:
    30
    Get this plugins:

    si captcha anti-spam
    admin renamer extended (change your user login details to something cryptic like "sduywqeytgrtngwsegt")
    website defender wordpress security
    limit login attempts
    bulletproof security (activate both root folder and wp-admin htaccess security mode)
    Make continuous backup.

    And the most important thing. Always have the latest updates installed.
     
    Last edited: Dec 18, 2011
  9. gregstereo

    gregstereo Elite Member

    Joined:
    Oct 5, 2009
    Messages:
    1,833
    Likes Received:
    1,027
    Occupation:
    I'm known to locate certain things from time to ti
    Location:
    Moose Factory, ON
    Some good advice in this thread, and some good advice in the thread referenced above. Read and apply. And if you want to really kick it up a notch or just have a good read on WP security get a copy of WP Defender.

    Oh and on the subject of backups, keep multiple backups - if and when you get hacked, you may not notice it for a bit; and one or more of your backups may also be infected, so restoring it won't get you anything. Having a known clean backup along with fresher backups that may be hacked is a plus.
     
    Last edited: Dec 18, 2011
  10. mahaliking901

    mahaliking901 Newbie

    Joined:
    Dec 16, 2011
    Messages:
    28
    Likes Received:
    2
    thanks for the advice I will it first then comeback and have some questions again
     
  11. sohping

    sohping Newbie

    Joined:
    Dec 18, 2011
    Messages:
    25
    Likes Received:
    2
    nice thread I would love to apply all advice here
     
  12. zmoney

    zmoney Senior Member

    Joined:
    Apr 19, 2011
    Messages:
    814
    Likes Received:
    250
    BTW, Are those Caching Plugins safe now? I know the one, what is it called hmm W3C or something had some security holes.
     
  13. Timothy7

    Timothy7 Junior Member

    Joined:
    Aug 16, 2010
    Messages:
    121
    Likes Received:
    19
    thx for you guys advice above, learned something...
     
  14. madoctopus

    madoctopus Supreme Member

    Joined:
    Apr 4, 2010
    Messages:
    1,249
    Likes Received:
    3,498
    Occupation:
    Full time IM
    Hide plugins, hide footprints in URLs, hide generator, only use plugins and themes from wordpress.org if you don't know how to analyze them for backdoors.
     
  15. toponewebresult

    toponewebresult BANNED BANNED

    Joined:
    Jul 31, 2011
    Messages:
    57
    Likes Received:
    2
    Random times in your password. You must protect it so that no one will hack it.:)
     
  16. oxonbeef

    oxonbeef BANNED BANNED

    Joined:
    Jan 4, 2009
    Messages:
    2,242
    Likes Received:
    7,872
    http://www.blackhatworld.com/blackhat-seo/templates-themes/374678-amazing-tools-detecting-hacked-themes.html
     
  17. mahaliking901

    mahaliking901 Newbie

    Joined:
    Dec 16, 2011
    Messages:
    28
    Likes Received:
    2

    thank you:)
     
  18. Rogul

    Rogul Newbie

    Joined:
    Jul 20, 2010
    Messages:
    35
    Likes Received:
    3
    simple ways to protect your admin is to also put a htaccess in the admin folder allowing just your IP. And htaccess in the uploads directory preventing any php to run as well is a good way to stop any unwanted code being run if it makes your way to your box.

    Also get your host to run weekly trojan scans, just in case your server isnt fully secured and they find their way in another way
     
  19. StevenCavan

    StevenCavan Newbie

    Joined:
    Jan 11, 2012
    Messages:
    6
    Likes Received:
    0
    Hello Guys,

    I am new to this forum. Just wanted to add some insight about wordpress from my own personal experience after a few years. Some business partners and I got down and dirty to do some investigation into the .php and template scripts of wordpress. What we found was astonishing. As you probably are already aware, wordpress has increased their updates to almost an annoying level. This was in an attempt to prevent people from hacking into the system. Well, these updates are actually leaving the door wide open for hackers. It has happened to a couple of my blogs.

    What we also found in the scripts was self promotion of the template writers to market their stuff inside your WP site without being detected. I would recommend if you are going to use WP, stay with the twenty-ten template and make sure you review the source code in the template and remove all advertisements that do not belong to you.

    To sum it up, I do not trust wordpress at all. The system has become highly unstable to the point where site rankings are getting worse on Alexa.

    I hope this helps. I would recommend to stay away from the plugins all together.

    Steven Cavan
     
    Last edited: Jan 11, 2012
  20. slowlyslowly

    slowlyslowly Registered Member

    Joined:
    Jan 3, 2012
    Messages:
    84
    Likes Received:
    15
    Occupation:
    Nun
    Location:
    Convent
    I use:
    Login Lockdown
    WP Security Scan