100% security tips for making your wordpress Site inpenetrable for hackers
MUST HAVE PLUGINS:
http://wordpress.org/extend/plugins/better-wp-security/
http://wordpress.org/extend/plugins/wp-security-scan/
http://wordpress.org/extend/plugins/timthumb-vulnerability-scanner/
http://wordpress.org/extend/plugins/tac/
http://wordpress.org/extend/plugins/exploit-scanner/
As a matter of necessity the above plugins must be installed and run/used at least once a week to check your files for harmful code.
1. Always update your wordpress/themes/plugins to the latest versions.
2. Change all PHP file permissions to 600
3. Rename the admin user: On a new install you can simply create a new Administrative account and delete the default admin account by adding a new user with Administrator role, make sure you use a strong password.
4. Change the table_prefix: Many published WordPress-specific SQL-injection attacks make the assumption that the table_prefix is wp_, the default. Changing this to somethingn like myownsite_ can block at least some SQL injection attacks.
5. Keep wp-admin Directory Protected: Keeping “wp-admin” folder protected adds an extra layer of protection. Whoever attempts to access files or directory after “wp-admin” will be prompt to login. You can set protection easily on any folder via cPanel’s Password Protect Directories graphical user interface.
6. Hide WordPress Version in the Header Tag: Add the following line to the functions.php file in your theme directory: (Create a blank PHP file with this name if your theme doesn’t already have one)

7.Nobody should be allowed to search your entire server: If you allow then the hacker will find the way to hack easily. The best way to block them is in your robots.txt file. Add the following line to your list:
Disallow: /wp-*
8. Protect your wp-config.php file: You can secure your wp-config.php by adding the following to the .htaccess file at the top level of your WordPress install:
deny from all
This will make it harder for your database username and password to fall into the wrong hands in the event of a server problem.

Read more https://www.obasimvilla.com/blog/100-security-tips-making-wordpress-inpenetrable/
Obasi Miracle

I am a dedicated web developer with interest in blogging and app development. I have lots of buddies and always ready to connect with like-minded pals - See more about me.

View Comments

  • Security is must for every software now a days. Wordpress security plugins are really helpful to protect from harmful code. These tips are very helpful to wordpress site developer.
    free wordpress chat

Leave a Comment
Share
Published by
Obasi Miracle
12 years ago