deep thoughts @ 12 Jun 2009 07:09 pm by bigfish

Hardening WordPress

After our brush with spam attacks, it’s time to harden WordPress.

I found the post titled “10 Tips To Make WordPress Hack-Proof. The Ultimate Guide” to be very useful, in that step-by-step sort of way. I don’t want to become an expert on hardening a blog; I just want to be sure that our blog is locked down better than most so that we’re not an easy target.

The Secure WordPress plugin is a nice and easy way to fill some security holes (after updating WordPress itself and any plugins). I also found WP-Security Scan worth running. (It pointed out some obvious holes.)

Finally, take a look at the WordPress-Password-Cracker, which is designed to set the security of user passwords against brute force attacks. (Warning: this can take a long time to run and it hasn’t been tested with 2.8. I’m testing it now.)

Update: Either this plugin is broken or it just takes forever to run. I’ve deactivated it for now.

Seems to me, that should lock the door reasonably well, but we always keep backups. Just in case.

Share:
  • del.icio.us
  • Digg
  • Reddit
  • Google Bookmarks
  • StumbleUpon
  • SphereIt

2 Comments »

2 Responses to “Hardening WordPress”

  1. on 12 Jun 2009 at 9:44 pm   Hardening WordPress

    [...] View original here:  Hardening WordPress [...]

  2. on 12 Jun 2009 at 10:10 pm   Posts about plugins as of June 12, 2009 | All About WordPress

    [...] And Anon&#121&#109&#105ze It With Just One Click Hardening WordPress – nostarch.com 0&#54&#47&#493/2009 After our brush with spam attacks, it’s t&#105&#109&#101 [...]

Trackback URI | Comments RSS

Leave a Reply