1. Make Sure WordPress Is Up to Date
One of the main problems people have with keeping their WordPress installation secure is updating. Follow these steps:
- Find the "Updates" link under the "Dashboard" tab as shown below and click it.
- Once you're in the Updates menu, you will be prompted to update your installation if needed, or to redownload it if it's already up to date (as seen below).
2. Ensure Your Host Is Running the Latest Version of PHP
It should go without saying. If your host is running an old, insecure version of PHP, nothing you do will help you. The latest version, as of this writing, is version 5.4.3, which patches a buffer-overflow vulnerability. Any good website hosting company will be more than happy to tell you what version of PHP your server is running if you open a ticket with them.
3. Use a Blank HTML File to Hide Plugins
Hackers can use knowledge of your plugins to find vulnerabilities in your WordPress installation. Simply place a blank HTML file (a text file with the extension *.html that has nothing in it) into your /wp-content/plugins directory to make sure that they can't look up your plugins.
4. Block Access To Your wp-config.php
Simply put, you do not want someone to have access to your wp-config. It has your table prefixes, database login information, and more. If you forget to protect it, you're going to pay for it - dearly. The wp-config file is located in the root directory of your WordPress installation and is the holy grail of hacker information diving. So simply place:
<Files wp-config.php>
Order Allow,Deny
Deny from all
</Files>
in your ".htaccess" file to tell Apache to make sure they don't get access to it. This will prevent any sort of unwanted access to your wp-config file. The ".htaccess" file is extremely important to the security of your WordPress installation (and your server as a whole). It would be wise to learn how to use it. Here is a good guide to get you started.
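As an added example (not part of the original post), here is a root ".htaccess" that covers items 3 and 4 together: it denies requests for wp-config.php using both the Apache 2.2 Order/Deny syntax used above and the Apache 2.4 Require syntax, and it turns off directory listings so /wp-content/plugins cannot be browsed. It assumes the file lives in the WordPress root directory and that the host permits these directives in ".htaccess" (AllowOverride).

```apache
# Added example: .htaccess in the WordPress root directory (assumed location).

# Item 4: refuse every web request for wp-config.php.
# PHP still reads the file from disk; only HTTP access is blocked.
<Files "wp-config.php">
    # Apache 2.4 and later: access control is handled by mod_authz_core.
    <IfModule mod_authz_core.c>
        Require all denied
    </IfModule>
    # Apache 2.2: fall back to the legacy Order/Deny directives.
    <IfModule !mod_authz_core.c>
        Order Allow,Deny
        Deny from all
    </IfModule>
</Files>

# Item 3: stop Apache from generating directory listings anywhere below
# this directory, including /wp-content/plugins. A blank file only hides
# a listing when its name matches DirectoryIndex (index.html by default);
# this directive does not depend on a placeholder file being present.
# Requires "AllowOverride Options" (or All) on the host; if the host does
# not allow it, Apache answers with a 500 error and this line must go.
Options -Indexes
```

After uploading it, request /wp-config.php and /wp-content/plugins/ in a browser; both should return 403 Forbidden instead of content or a file listing.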
5. Install Secure WordPress
Secure WordPress is an excellent plugin that takes the guesswork out of installation security. It takes care of removing nearly everything a hacker uses to get information on your installation. If there is one plugin you should be running, it is this one.
So there you have it. 5 extremely simple ways to get you started on your way to securing your WordPress installation. As WordPress is getting more and more popular by the day, hackers are becoming more and more vigilant at spotting exploitable holes in WordPress versions and then automating the task with the help of automated Google searches. Don't allow yourself to become a victim.