WordPress 3.0 has been out for over a week now. If you have upgraded to it, you have already applied a huge number of security updates through this upgrade.
But there is still a lot more you can do to secure your WordPress blog. As the WordPress platform gains popularity, so does the number of hackers trying to compromise sites running on WordPress.
Smashing Magazine has put together a nice collection of WordPress security tweaks. Some of them include:
- Prevent unnecessary info from being displayed
- Force SSL usage
- Use .htaccess to protect wp-config file
- Blacklist undesired Users and Bots
- Protection from Script Injections
- Fight Back Against Content Scrapers
- Create a plugin to protect your blog from Malicious URL Requests
- Remove your WordPress version number
- Change the default ‘Admin’ username
- Prevent Directory Browsing
I would also add installing the ‘Login Lockdown’ plugin, which protects your site against brute-force attacks. You can also see some of the top WordPress plugins that address security issues in our list.
{via Smashing Magazine}



