How to secure your WordPress blog
Repel attackers with these tips on creating a secure installation
A freebie WordPress.com blog won’t cut it – get your own web space, and install the full WordPress distribution from www.Wordpress.org
With around 200 million users worldwide, WordPress is not only the most popular blogging tool there is, it’s also become one of the most successful content management systems on the web.
So it’s no wonder that we periodically hear about rounds of attacks on the platform. The bigger the target, the more likely people are to aim for it.
There are few things more sobering than to wake up one morning and find that your sites have apparently disappeared or that they’re suddenly serving malware. It needn’t be that way if you maintain control of your WordPress installation and make it as exploit-proof as possible. It doesn’t require constant vigilance – just a bit of tweaking after installation and a secure routine from then on.
Post-install cleanup
After installation, there’s some immediate housekeeping that you’ll be prompted to do. Don’t put it off – do it straight away.
The most important change is to delete or disable the ‘install.php’ file in the wp-admin folder. That’s the file used to connect WordPress to a database and create a configuration file. It can be removed, or you can FTP to your website and rename it to something like ‘installOLD.xxx’.
Web design blogger Jeff Starr suggests a more lateral solution: replace install.php with a fake file that generates an error message and sends you an email informing you there’s been a hack attempt. To download his replacement, install.php from his website.
Read more: http://www.techradar.com/news/internet/how-to-secure-your-wordpress-blog-707915#ixzz0w2LkexfS
Meet The Author
|
 |
- Comment help
- Get Livefyre
