I really liked the “hardening your wp-install” part. Great advice!

You have a small error in the whitepaper, page 4:
update wp_usermeta
–> 3 values: capabilities, user_level and autosave_draft_ids
In your whitepaper sty 2 values.

Great work and thanks!

[…] recent "Secure WordPress Whitepaper Revision" shows the new WordPress SECRET_KEY variable in the ‘wp-config.php’ file. This […]

Hey,

Thanks for all the hard work. I like many have suffered the “alter” error when trying to install the wp prefix plugin. My privileges were set to include alter and my config file is writeable for sure (even tried it with 777). The article offers no other suggestions. Any ideas?

WordPress Whitepaper：使博客更安全…

专注于博客安全的 BlogSecurity 刚刚发布了升级版本的 WordPress Whitepaper，我看了一下，书中所涉及的问题是我们很容易忽略的，很容易导致安全隐患。鉴于原文是英文的，所以我对该书进行了简….

[…] Secure your Wordpress […]

[…] recent “Secure WordPress Whitepaper Revision” shows the new WordPress SECRET_KEY variable in the ‘wp-config.php’ file. This SECRET_KEY […]