Robert C. Rodriguez wrote a nice post on his blog giving some WordPress security tips. To summarise he suggests:
- WordPress Version - Always a good thing to do, however, becareful how you go about doing this; if you remove the global WP version this may affect some plugins and the core WordPress functionality.
- Keep Everything Updated - yup…
- Backup, Backup, Backup! - yup…
- Login Lockdown WordPress Plugin - This plugin logs incorrect login attempts. Could be useful and something we haven’t mentioned on BlogSecurity before. Nice suggestion.
- WordPress Scanner - Of course, we totally agree with using BlogSec’s online wp-scanner service :)
- Prevent Directory Listing - yup…
- Protect Your WP-Admin folder a little more - yup…
- Contact Form - yup…
- Passwords, we don’t need no stinkin passwords! - Choosing a good password and having seperate user accounts for different functions is critical!
- Check your blog, at least daily - yup, not a bad idea.
I really like the way RR wraps up his post:
Securing your WordPress blog is very important, considering the amount of time you’ve put into it.
As blogging explodes, security is always playing catch up. In short, great article, keep it up RR.
Comments
It would have been better if you had linked to the plugin homepage.
Joyce, sure, what plugin are you referring to?
Login Lockdown WordPress Plugin. I had wrote about the plugin once, so I know the url. But for others, it would have been helpful. Ofcourse, going to rr.cx would have given the link, but still….
Joyce, all done.
[…] BlogSecurity.net: RR Securing WordPress Tips - Good tips for securing a Wordpress website. […]
[…] some add-on or WordPress itself). BlogSecurity is a good site to stay up to date. They provide security tips and also a WP Vulnerability Scanner to test your site […]
-
Search site:
-
Additional WP Resources
