WordPress Security Considerations

There are whole websites devoted to this topic. This is just a brief overview to alert you to some considerations to help keep your site from getting hacked.

Start by reading the page in the Codex about Hardening WordPress.

Be sure to read the part about File Permissions.
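An added example (not from the original post or the Codex): a small shell audit for the file-permission point above. The policy it checks, no world-writable files or directories and no wp-config.php readable by other users, is an assumption of this example, and the function name audit_wp_perms is hypothetical.

```shell
#!/bin/sh
# Added example: audit a WordPress tree for risky file permissions.
# Assumed policy (not stated in the original post):
#   1. no file or directory is world-writable (o+w)
#   2. wp-config.php is not readable by "other" users (o+r),
#      since it holds the database credentials
# Prints one finding per line as "<ISSUE> <path>".
# Returns 0 if clean, 1 if anything was found, 2 on a bad argument.
audit_wp_perms() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }

    findings=$(
        # -perm -0002 matches entries with the world-writable bit set;
        # symlinks are skipped because only files and dirs are selected.
        find "$root" \( -type f -o -type d \) -perm -0002 \
            -exec printf 'WORLD_WRITABLE %s\n' {} +
        # -perm -0004 matches entries with the world-readable bit set.
        find "$root" -type f -name wp-config.php -perm -0004 \
            -exec printf 'CONFIG_WORLD_READABLE %s\n' {} +
    )

    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Run against a path when one is given, e.g.: sh audit.sh /var/www/html
if [ $# -gt 0 ]; then
    audit_wp_perms "$1"
fi
```

The non-zero exit status on findings lets the script run from cron or a deploy step and fail loudly when permissions drift.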

.htaccess files:

I’ve found several different articles with several different pieces of code to add to the .htaccess files to apply security restrictions to various directories.

Instead of doing it manually, there are several plug-ins that help. One I’ve used is:
http://wordpress.org/extend/plugins/bulletproof-security/

This plug-in will also provide additional security checks.

Back-up, Back-up, Back-up

The best way to protect your data is to have great, easy-to-restore back-ups.

Update, Update, Update

The WordPress Community is great about updating the WordPress Core when a security vulnerability is discovered. When you notice that an update is available, you should install it. Always take care that your plug-ins are compatible with the new upgrade.

And, speaking of plug-ins, keep those up to date as well. And if you are not using a plug-in, delete it.

Other Security Related Plug-ins

WP Security Scan
http://wordpress.org/extend/plugins/wp-security-scan/

ServerBuddy

http://ithemes.com/codex/page/ServerBuddy

Other Resources:

There are several resources for scanning your site for malware, such as:

http://sucuri.net/

 
