1255 Subscribers and Counting!!!

Protect your wordpress blog

This website is running on Wordpress Platform from December 2007. But, i never thought of protecting my website. Luckily it was never hacked by anyone till date. Today, i came across a post mentioning Security tips to protect wordpress blog.

I followed some of the security tips. Below are the 5 Security Tips to protect Wordpress Blog :

• Remove WordPress Version tag:
  By default lot of wordpress themes will have a Meta tag as below in Header.php:

  [lang='php'][/lang]

  The attacker can clearly find out what version of wordpress you are using. To avoid exposing of wordpress version, it is good to remove the above tag. You just open header.php file and look for the above code, delete the line and save it.

• Hide plugin directory:
  
  Do you know this. Your plugin directory is completely visible. Check it http://www.yoursitename.com/wp-content/plugins. If you can see your plugins directory contents, then anybody can see it which is a security threat.

  The solution is simple. Just create a blank index.html file and upload it to your /wp-contents/plugins/. Now try accessing the above link. You will only see a blank screen.

• Lock down /wp-admin/ directory:Matt Cutts from Google on his post three tips to protect your WordPress installation, the first thing you need to do is protect your /wp-admin/ directory using .htaccess. Just follow the steps he mentioned in his post.
• Upgrade to the latest version of WordPress:
  
  Always upgrade to the latest version as soon as it is released and ready to be downloaded. Every upgrade probably comes with fixes to any security issues and that will make your blog less prone to be exploited or compromised.

  I use Wordpress Automatic Upgrade allows you to automatically upgrade the WordPress installation to the latest version right from your dashboard. This plugin makes your life easy.

  Always upgrade the plugins whenever there is an upgrade. The upgrades might have fixes to security holes.

• Wordpress Database backup:I have scheduled to get backup of Wordpress Database every day and guess what it saved me two times since i am using it from last December 2007. I screwed my wordpress database during last upgrade process and this everyday backup came in handy. The plugin I use is WordPress Database Backup. If you don’t have it, you probably should do it now!

One Last Tip: Please download and install the WP Vulnerability Scanner plugin. When done, simply activate it and launch WP-Scanner and then de-activate it once you’re done with the test.

All the above methods are good and should be implemented which will make it that much harder for any hacker to know which vulnerabilities to exploit.

What have you done to protect your blog? Do I miss anything here? I would love to hear your opinions on this.

You must also check this post : Best (must have) Wordpress Plugins

Technorati Tags: Protect wordpress blog, security tips wordpress, remove wordpress version, wordpress automatic plugin, wordpress database backup, vulnerability Scanner plugin

You Should Also Check Out These Posts:

• Increase Blogs internal linking using SEO Smart Links Plugin
• CommentLuv Plugin is now Ajaxed – AjaxedCommentLuv has more exciting features
• July 2008 Statistics
• Wordpress 2.7 “Coltrane” is released!
• Get FREE Kaspersky Internet Security license key

This entry was posted on Friday, July 25th, 2008 at 1:58 pm and is filed under Security, TipsNTricks, Wordpress. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.