Results 1 to 4 of 4

Thread: Secure your wordpress site

Hybrid View

  1. #1

    Secure your wordpress site

    Quote Originally Posted by Lastbutnotleast View Post
    I wanted to share this article (not mine) with you.

    So, here are 5 plugins to keep WordPress secure:

    1. Limit Login Attempts : This plugin blocks a user for 20 minutes after he enters wrong password 4 times (default values, can be changed). It is good way to avoid Brute Force attack .

    2. Sabre :If you own a WordPress powered blog where users can register freely and see a lot of fake registrations, this plugin can stop fake user registration by bots. It can add image verification or math test to registration process among other measures to make sure fake users are not created.

    3. Semisecure Login : This plugin increases the security of login process by using a public key to encrypt the password on client side. The server side then decrypts the password using the private key. Requires Javascript and PHP.

    4. Bad Behavior : It checks the visitor’s IP against Project Honey Pot Database to see if it’s a spammer’s. If malicious, it can block that IP from accessing your blog.

    5. Secure WordPress : This plugin keeps your WordPress installation secure with the help of little functions. It hides information regarding your WordPress version from non-administrators and plugin directory from visitors by dropping a blank index.php file.

    All of these are Wordpress 2.7 compatible.

    Source: 5 Plugins to Keep WordPress Secure

    Maybe this can be helpful to some of us
    Just copy/paste from somewhere.

  2. #2
    Hmm, Nice! Here are my own steps:-

    1.One of the most important security issue with wordpress is to protect wp-admin folder, So always password protect it for prevention from Hack Attack.

    2. After installing wordpress always change your Mysql databse prefix from wp_ to something else, to avoid SQL injection attacks.

    3. Upload blank index.php files in your wp-content/theme and wp-content/plugins to avoid getting hacked from Iframe attacks.
    Custom Wordpress Themer
    - Wordpress Portals & themes -

  3. #3
    Good tips

    Quote Originally Posted by Oranges View Post
    2. After installing wordpress always change your Mysql databse prefix from wp_ to something else, to avoid SQL injection attacks.
    This is easier to do before you install WordPress. Just make the change in the wp-config.php file when you enter the database info. There are a few plugins that you can use to make the changes after WordPress is installed.

    If you change the prefix manually after installing WordPress, then you will have to manually make changes to several table rows. Otherwise, WordPress will not work.

    WordPress › Support How to change table prefix

    An additional important step is to always change the admin username from 'admin' to something that is not easy for a hacker to guess. This one is easy, just open the users table using phpMyAdmin and change the user_login field in the first row.
    "Democracy is two wolves and a lamb voting on what to have for lunch. Liberty is a well-armed lamb contesting the vote." -- Benjamin Franklin

  4. #4
    @ TOpdogger - Thanks for clarification, Yes it will work perfectly as well if we edit wp-config.php before installation.
    Custom Wordpress Themer
    - Wordpress Portals & themes -

Similar Threads

  1. NameSecure can't secure your name
    By Mike-XS in forum Domaining
    Replies: 0
    Last Post: 14 March, 2010, 18:23 PM
  2. Replies: 14
    Last Post: 30 August, 2009, 02:33 AM
  3. Keeping Your Blog Secure
    By Jesse in forum Wordpress
    Replies: 8
    Last Post: 10 July, 2009, 21:44 PM
  4. How secure is Joomla?
    By Mike Dammann in forum Programming
    Replies: 7
    Last Post: 12 January, 2009, 23:48 PM

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts