As of
the beginning of 2009 there were approximately 133 Million blogs online.
WP Dev Suite Review This is a pretty large market and also the perfect playground for
unscrupulous persons who live for spamming, scamming and just creating
malicious programs that can seriously compromise and disable
unsuspecting sites. As WordPress blog owners, we need to do everything
possible to ensure that our sites are never compromised.
Here are
10 very simple steps, tools and tips to ensure that your blog can
withstand malicious attacks and not be overrun with spam.
1. Use Login Lockdown Plugin
Hackers
can easily crack your password and other login credentials by using
Brute Force Attacks (Click here for a definition). This plugin adds an
extra security feature to WordPress by restricting the rate at which
failed logins can be re-attempted from a given IP range.
2. Delete Unused Plugins
Always ensure to delete unused plugins as these can provide loop holes that can be easily exploited.
3. Secure the /wp-admin/ Directory using.htaccess
WP Dev Suite
I
found this one on Google's Matt Cutts' blog. Secure your /wp-admin/
directory by using a.htaccess file to allow access from specific IP
addresses only. Create a new.htaccess file, which you can place directly
in /wp-admin/.htaccess.
This is what the.htaccess file contains:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Access Control"
AuthType Basic
order deny,allow
deny from all
# whitelist home IP address
allow from 111.111.111.111
# whitelist work IP address
allow from 111.111.111.111
allow from 111.111.111.111
Replace the 111.111.111.111 with
the IPs you would like to whitelist. This file says that the IP address
111.111.111.111 (and the other IP addresses whitelisted) are allowed to
access /wp-admin/, but all other IP addresses are denied access. The '#' WP Dev Suite Bonus
lines are just notes and can be changed to suit your need.
4. WordPress Security Scanner Plugin
Install
this plugin to help detect any loop holes that may exist in your
database and blog files. It provides a report on what needs to be done
to prevent attacks.
5. Limited Blog Registration Access
If
your blog accepts registration, ensure that a user cannot immediately
register and receive an administrative access. WP Dev Suite Review To change this, go to
your Settings option in the WordPress dashboard, select General. Then
change the New User Default Role to Contributor. This can easily be
changed as the need arise. User privileges can also be assigned using
the Role-Manager plugin.
6. Change Your Login Name
The
default WordPress username is admin and hackers will always try to
infiltrate using this default. So make it harder for them by changing
it.
In your WordPress dashboard, go to Users and set up a new user
account. Give this new user administrator role. WP Dev Suite Bonus Log out and log in
again with the new user account.
Go to Users again. This time,
check the box beside admin and press Delete. When it asks for deletion
confirmation, select the "Attribute all posts and links to:" and select
your new username from the dropdown bar. WP Dev Suite Review This will transfer all the
posts to your new user account. Press Confirm Deletion
http://freshboon.com/wp-dev-suite-review/
Aucun commentaire:
Enregistrer un commentaire