wordpress security: makingyour site harder for hackers to hack and easier foryou to recover if they...

Download WordPress Security: MakingYour Site Harder for Hackers to Hack and Easier forYou to Recover if they Do

Post on 14-May-2015

2.105 views

Category:

Technology

0 download

Embed Size (px)

DESCRIPTION

Basic tips and reminders to make your WordPress site more secure from hackers and easier to recover if it does get hacked.

TRANSCRIPT

  • 1.e d c kH a

2. What HappenedThree WordPress sites hacked in a weekEach hack redirected the site to a different website, some thatspread malwareThe x - in each case, deleted WordPress completely andrebuilt from a fresh, clean install and from backupsOne site had a hack attempt while being rebuilt 3. WordPress Security:Making Your Site Harder for Hackers to Hackand Easier for You to Recover if they Do 4. WordPress Security:Making Your Site Harder for Hackers to Hackand Easier for You to Recover if they DoA WordPress site needs care and feeding.You need to monitor it.You need to keep it up to date and current.You need to perform regular backups. 5. WordPress Security:Making Your Site Harder for Hackers to Hackand Easier for You to Recover if they DoNever, never, never use the default username adminUse strong passwordsUpgrade to the latest version of WordPressHost your WordPress site with a reliable web host who practices good security andhas good, reliable tech supportBackup your site regularly to your own computer - not on the web server Database Uploads files .sql backup .xml backupBackup options: ManualAutomated and plugins 6. WordPress Security:Making Your Site Harder for Hackers to Hackand Easier for You to Recover if they DoRestoring from Backups - Sometimes it goes smooth and easy, sometimes not.Backup files can get too big to reimport without resorting to trickery.Keeping your blog clean to minimize bloated backup files. Consider drafting your postsin a basic text editor outside of WordPress. 7. WordPress Security:Making Your Site Harder for Hackers to Hackand Easier for You to Recover if they DoDO NOT USE WP PHPMYADMIN - IT HAS BECOME A SECURITY THREATDocument your plugins and how you have them configured. Document your widgets.Document your menu structurePlugins can be a vulnerability too.Dont go overboard on them.Be careful with the plugins you select.Upgrade plugins toohttp://wordpress.org/news/2011/06/passwords-reset/Protective plugins WP Security Scan WordPress Firewall WP File MonitorFollow WordPress.org on Twitter - security notices 8. Advanced WordPress Security.htaccess filesDatabase table prefixHide Your WordPress versionnumberPrevent multiple loginattemptsMore... http://www.mauiwp.com/2011/06/wordpress-security/ 9. Advanced WordPress Securityhttp://www.packtpub.com/wordpress-3-ultimate-security/book 10. Scan Your SiteIf you think you may have been hacked, scan your site: http://sitecheck.sucuri.net/scanner/