Securing Wordpress

[Guard Dog]

A new document is out on a WP coder site that spells out some nice ways to secure your Wordpress website. I'm sure many here could even add a few, but this is very good - so I had to share

http://www.codeinwp.com/blog/secure-your-wordpress-website/

 

[RyanWeb]

Looks like I hit about 16 out of the 20

Super good article for anyone new(er) to wordpress.. And even to remind us older users who get a little lazy when it comes to security - (and mainly) backups..

 

[LandofOz]

This is without a doubt, the best article that I've read on WP security

 

[Guard Dog]

Same here. It is fairly comprehensive.

 

[ARZ]

Thank you for this article, I am currently facing a brute force attacks on one of my sites, so it came very helpful

 

[AussieDave]

I tell everyone to get themselves a static IP from their ISP (internet service provider). Might be free or cost a few bucks a month.

Add a htaccess to the /wp-admin/ EG - deny from all, allow from (the static IP) only.
Even if your login creds are comprimised by a brute force hack, they wont gain access to your Admin area, without accessing that folder, from that IP

Plus, I'm not a fan of using too many plugins. Especially not for site security, when the majority of these fixes can be implimented and secured with your htaccess file.
More plugins, more chances one will contain insecured code and such.

There's a complete list of tips and tricks, I wrote here (AGD) to secure and harden your WP site. I think it could be in the private (non indexed forums). Wrote it when those scum bag hackers were cracking 100's of thousands of sites back in 2014/15. That stuff I added, is reduntant proof

If there were enough people wanting help, I'd write an updated harden-your-wp-site guide.

 

[Rick Perry]

Really useful article about WP security, giving a like ;-)

 

[Return To Player]

You also have the iThemes plugin which does a lot of this is a simple dashboard AND isn't too heavy on resource.