Search
Forum Home | Login
albert123john
albert123john
Join Date 02/2009
0

Secure Your Blog from Threats with These Four Additional Security Tips

February 26, 2009 2:12:19 PM from Stardock ForumsStardock Forums

There was a lot of importance given to the coding and running of WordPress in the last article on WordPress security. Listed below are four of the most important precautions that [url=http://www.intellixmedia.com/web-development.htm] Web Development[/url] need to take in order for WordPress blog to be secure.

                                             

Utilize strong passwords: This is an obvious good security practice, but too often forgotten. Make sure all your passwords are strong: your admin account, the ftp account and any other WordPress accounts that have any edit privileges. A simple web search will uncover stories telling you the best way to choose strong passwords. Instead of being redundant, let me just suggest that you read these pieces and consider what they say. Additionally, following their rules does not mean copying the choices!

 

Use SCP in lieu of FTP: The availability of good FTP programs makes transferring files to and from your hosting server onto your blog simple and convenient. If you can easily move files locally, most FTP programs will work for you. Search online for one that works for you. The problem with FTP is that your username and password is sent in clear text to your server. To be more secure you should use SCP instead. Here are two programs that I recommend: WinSCP for Windows and Cyberduck for OS X. To use SCP you need to enable SSH login on your server. And while you're at it you should disable FTP.

 

Write-protect your theme: There appears to be an exploit going around that modifies installed WordPress themes to add spam links or malicious iframes. One way to make this exploit more difficult is to modify the file permissions of your WordPress themes directory to 755 and the files within the directory to 644. The drawback is that you will now have to FTP modified files to your web server each time you want to make changes to your theme. Unfortunately you cannot apply the same write protection to the plugins directory since many plugins write data to the directory where it's installed.

 

View the HTML source of your site often: You should view the HTML source of your web site often. If you find chunks of encrypted JavaScript, embedded IFRAMEs or hidden links to sites you don't know, then your blog may have been compromised. The reason to do this often is so that you can discover any issue before Google does and blacklists you, or any of your readers get infected by malicious software distributed by your site.

Locked Post
Search this post
Advanced Search
Subscription Options
Reason for Karma (Optional)
Successfully updated karma reason!
albert123john
kingbee
Join Date 04/2004
+42
Reply #1 February 26, 2009 2:55:26 PM
from JoeUser ForumsJoeUser Forums

one more important tip you forgot:

be sure to sprinkle your computer (the whole thing--not merely the monitor) with fresh chicken blood at least once a day.  for even more protection you'll need to chant "o wah tah jer kyam" while killing the chicken.

Reason for Karma (Optional)
Successfully updated karma reason!
albert123john
RaveBomb
Join Date 02/2005
+4
Reply #2 February 26, 2009 3:22:01 PM
from Sins of a Solar Empire ForumsSins of a Solar Empire Forums

Will turkey blood work if a chicken isn't available?

Reason for Karma (Optional)
Successfully updated karma reason!
albert123john
Kitkun
Join Date 06/2008
+175
Reply #3 February 26, 2009 3:28:38 PM
from Sins of a Solar Empire ForumsSins of a Solar Empire Forums

No. There's no hope for you now.

 

Reason for Karma (Optional)
Successfully updated karma reason!
View all recent posts
Mark all posts as read Delete cookies created by the forum Return to Top
Stardock Forums v        Server Load Time:   Page Render Time:

Stardock Magazine | Register | Online Privacy Policy | Terms of Use

Copyright © 2025 Stardock Entertainment and Gas Powered Games. Demigod is a trademark of Stardock. All rights reserved. All other trademarks and copyrights are the properties of their respective owners. Windows, the Windows Vista Start button and Xbox 360 are trademarks of the Microsoft group of companies, and 'Games for Windows' and the Windows Vista Start button logo are used under license from Microsoft. � 2012 Advanced Micro Devices, Inc. All rights reserved. AMD, the AMD Arrow logo and combinations thereof are trademarks of Advanced Micro Devices, Inc.