Comments on: 11 Best Ways to Improve WordPress Security

By: Mr Singh

Mr Singh — Wed, 24 Feb 2010 03:45:28 +0000

Excellent Knowledge Source ! Please continue this good work in near future also !

By: Michael Martin

Michael Martin — Sat, 20 Feb 2010 13:53:55 +0000

Really sorry to hear that. You could try to recover a little of the damage by looking for sites that may have splogged your feed, RSS readers that have a cache of posts in your feed, or even just the Google cache? The sooner you start looking the better as well.

By: jeprie

jeprie — Sat, 20 Feb 2010 12:43:43 +0000

i should read this post sooner. i just got my site hacked and lost all my post.

By: Web Design Michigan

Web Design Michigan — Mon, 15 Feb 2010 13:33:16 +0000

Thank you for the Wordpress security tips.

By: LeeS

LeeS — Wed, 03 Feb 2010 23:48:17 +0000

I’ve just been checking some security after a hack of a server which may or may not involve my wordpress installs

2.8.4 allowed me to upload a PHP file, which could then be run.

Surely this is a huge security liability

I’m just upgrading this site to 2.9.1 and will test it again

Lee

By: Mikko

Mikko — Mon, 25 Jan 2010 19:55:43 +0000

How these modifications affects SEO capabilities of WP?

By: anadikt

anadikt — Mon, 18 Jan 2010 16:14:40 +0000

Great post, thanks!

By: radhika

radhika — Sun, 03 Jan 2010 23:10:01 +0000

Thank you for great tips.

I also use WP security scan plugin. It scans the WP installation for few basic security issues.

By: pulegium

pulegium — Sat, 21 Nov 2009 21:22:06 +0000

great tips, especially i liked the DB bit, which I always pay least attention to… Also a good thing is that you restrict wp-content only to images and such, leaving out everything else.

you also have IP whitelist, which I always do for my wp-admin. you might want to update to auto redirect to ssl though, just as per:

http://www.grenadepod.com/2009.....wordpress/

By: WCC

WCC — Sat, 21 Nov 2009 00:36:58 +0000

Harvin:

Regarding your #3: I was wondering the same thing, too. After poking around Google, I found the answer on the Apache site: http://httpd.apache.org/docs/2.....ml#options

I think I prefer to leave out the ‘All’ and just specify the ‘-Indexes’ option, but it looks like ‘All’ is the default, so it probably doesn’t matter either way.

(Michael Martin: Thanks for this great/handy/helpful post with super tips!)

-WCC