Tip of the Week: Security Time

Hi Everyone,

Security Time

I wish we didn’t live in a world where people were out to get you, but we do. It may not be personal, but owning and running a website exposes you to the world. And there are a lot of spammers, scammers, con-artists, hackers and criminals out their looking for exploits.

WordPress, with how popular it is and how many 3rd party scripts are involved make it an easy target. There are a number of things you can do to harden WordPress.

Having the right hosting and WordPress installed professionally is a great first step.

A professional install includes:

– A strong database password used
– A different username than admin set
– Having security keys and salts added
– A different database table prefix than wp_ set

This is all done in a manual install that 1-click installs do not offer.

There are also some wonderful security plugins to consider:

Secure WordPress: Tightens up some basics like hiding your WordPress version.

Bad Behavior: Blocks spam attempts. WARNINGThis is a very strict plugin that can block some good things like open id logins and shopping cart apis.

Restrict Login By IP: If you have no need or intention of allowing people to register for your site and only you need to login this is a great plugin. WARNINGIPs change often so make sure you know how to use FTP to edit your .htaccess file or you’ll lock yourself out of your admin.

SABRE: For those that do allow registrations this is a great plugin with many options to help you block spam registrations.


Thanks, Bryan

CyberChimps Community Manager | Web & Graphic Designer Design: http://calmestghost.com/ | Blog: http://bryanhadaway.com/ (please do not contact me privately regarding CyberChimps support - please see support options here instead: http://cyberchimps.com/support/)

Leave a Reply

Your email address will not be published. Required fields are marked *