Keeping Your Blog Secure
We all spend lot of time writing and promoting our blogs. We should do our bit to keep our blogs secure:
This is one precious plugin: WP Security Scan
Block WP- folders from being indexed by search engines, the best way to block them in your robots.txt file. Add the following line to your list:
Directories should not be left open for public browsing- There is a potential problem letting people know what plugins you have, or what versions they are. If there is some known exploit that is linked to a plugin, it could be easy enough for someone to use it to their advantage. Make an empty wp-content/plugins/index.html file or just add this line in your .htaccess file in your root:
Options All -Indexes
Great Tips, The .htaccess should be used on all Linux/Apache Servers.
Excellent post! Thanks for sharing with us.
Thanks for the post. I didn't even picture all this at first.
Thanks, I'm using the empty index.html file, to hide my image directories, although what you said is usefull too. Hiding plugins is necesarry as they may let hackers know how to get into your website.
Thanks for this thread, let's upload it before it's too late!
Keeping WP updated and using good servers is generally ok. But Hackers are Hackers, keep regular backup to be sure!
Yes, backups are an absolute must. I'm making a thread on it now :P
Originally Posted by annkur
One important one:
Do not keep your password as 'password':P
I'm going to try adding that to one of my blogs, I've been getting a lot of weird activity probably someone try to do an injection.