Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: 13 Vital Tips and Hacks to Protect Your WordPress Admin Area

  1. #1

    Thumbs up 13 Vital Tips and Hacks to Protect Your WordPress Admin Area

    Thanks to a tweet on Twitter I came across this interesting post on how to protect your admin area, it's better to prevent than to cure

    The post covers the following points:

    • Create custom login links
    • Pick a strong password
    • Limit login attempts
    • Use secure SSL login pages
    • Password protect wp-admin directory
    • Limit access via IP address
    • Never use admin username
    • Remove error message on the login page
    • Use encrypted password to login
    • Wordpress Antivirus protection
    • Stay updated with the latest WordPress version (so, update it every 40 seconds )
    • One Time password
    • Wordpress firewall plugin


    And you can read the full post here: 13 Vital Tips and Hacks to Protect Your WordPress Admin Area

    What do you think of this post, is it over the top or are you even more secured? I think it goes wrong for most people when choosing a password, people should be choosing much more difficult passwords and only use them once, but unfortunately it doesn't happen just to make it easier for themselves
    |Nico Lawsons

  2. #2
    Easiest freaking way?
    Instead of wp-admin for the login page?
    RENAME IT!

  3. #3
    Quote Originally Posted by iowadawg View Post
    Easiest freaking way?
    Instead of wp-admin for the login page?
    RENAME IT!
    That could lead to some problems when upgrading, while allowing others to register, etc etc...
    It's a half decent solution but not safe at all.

    When WP finally provides us with a good upgrading platform I'll bother installing a bunch of new security measures, for now I just keep my regular backups (I guess ).

  4. #4
    If you do not want people to register, great solution.

    The other solution?
    Password protect.

    Either way is better than your ways.

    And damn well secure.

  5. #5
    Quote Originally Posted by iowadawg View Post
    Easiest freaking way?
    Instead of wp-admin for the login page?
    RENAME IT!
    That would be the logical way to do it, but unfortunately you cannot rename the admin directory with WordPress.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin


  6. #6
    It can be done, but it takes like forever to find every instance of wp-admin in all the files and folders and change that to the new name.

  7. #7
    Thanks for the share, I use Login LockDown on all my blogs. Coupled with a strong password and current WP version, hopefully I locked in tight
    Sound Unsound is a music forum for Unsigned Artists, Dj's and Producers
    Others: PDA and Smartphone guide | What task will you do for cheap? | Crazy Links 4 Free

  8. #8
    I think changing your login name from admin (using cPanel) and using a strong password should be enough.

    If you only occasionally login to the admin area and have large numbers of blogs, how about changing the file permissions of the wp-admin directory to block public access?

    You can do this by changing the file permissions of the directory using your FTP software such as File Zilla. Change the permissions from 0755 to 0750. This gives an error 404 page to anyone browsing the login page.

    And change the permissions back to 0755 when you want to login again.

  9. been using wordpress since 2009 but haven't seen someone actually use custom login links? how do you do this?


  10. #10
    With a login name other than "admin" and a strong password, there is no problem since there would be too many combinations to try and crack it.

Page 1 of 2 12 LastLast

Similar Threads

  1. Blank WordPress Admin Area
    By Andy101 in forum Wordpress
    Replies: 3
    Last Post: 25 October, 2010, 01:05 AM
  2. An Admin's Mind - Adminstrating, Blogging, and other Tips
    By orc_dragoon in forum General Chat
    Replies: 17
    Last Post: 5 July, 2010, 16:37 PM
  3. vital Cheats
    By lexic in forum General Chat
    Replies: 0
    Last Post: 19 April, 2010, 19:15 PM
  4. WordPress Admin Control Panel - Open Site Link
    By vanderkitty jones in forum Wordpress
    Replies: 3
    Last Post: 17 August, 2009, 22:37 PM
  5. Replies: 0
    Last Post: 6 January, 2009, 04:33 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •