[Video] Ten Steps to Secure WordPress
After a recent hack attack, Olly over at guvnr.com produced a nice video on how to secure your WordPress blog.
“Why secure it, it works just fine?” you say. Well it could be defaced or used to gain access to your server where programs can be installed e.g. to share illegal files, send spam or just to steal your users’ login details including their passwords. In the video Olly covers the following steps:
- Upgrade WordPress.
- Update plugins.
- Change “wp_” database table prefix.
- Delete “Admin” user.
- Use a stronger password.
- Hide your WordPress version.
- Ensure WordPress database errors are turned off.
- Remove WP ID META tag.
- Protect the “wp-admin” folder
- Hide plugins.
via 10 Tips To Make WordPress Hack-Proof (update: Video has been updated as has the post so please read it carefully along with the comments)
Pleased you like my blog post and video…
http://www.guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof/
You should know, though, that I’ve ammended some of the notes, after some of my readers quite rightly corrected a point or three!
So take a look for the very best practises. And read the comments, because they add more ideas too.
Damn, these things are out of date pradctically before they’re published
the_guv