Securing Wordpress

Posted by: pctutorials  :  Category: Security, Wordpress

wordpress-security

Security is a big issue these days, not only in the real world but also in the online world. Unfortunately, some people have nothing better to do than hack other peoples websites and blogs. I for one am a victim of such an attack. So, what can we do to avoid spam attacks and website exploits? Locking down your website/blog is the answer. Here are the things I’ve done so far to harden up my blog:

1. Upgrade to the latest Wordpress Version- Holes and exploits are always being discovered in Wordpress so it is wise to have the latest version with the exploits patched up.

2. Use a complicated password and change it often- Hackers will sometime attempt to do a brute force attack to gain your log in details to exploit your blog. Changing your password regularly can avoid such attacks. To further stop this kind of attack, install the Login LockDown plugin for Wordpress, which will block an IP address after attempting to login to your blog within 5 minutes.

3. Set correct file and folder permissions- Setting file and directory permissions is important as you don’t want to give access to unauthorized people. Chmod values should be: 755 for directories, 644 for plugins and core WP PHP files, and 666 for my active theme files. Tutorial.

4. WordPress Exploit Scanner- This plugin will search for any suspicious activity on your server. Good too to run occasionally.

5. Make regular backups- The more regular the better, because if something does come up, you’ll be able to restore your blog within minutes. I now backup my blog every couple of days. Make it a habit.

So far I haven’t been compromised using the above steps, and am hoping for it to stay that way :D . If you have any suggestions or questions, just leave a comment.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Related Entries

Leave a Reply