
Three WordPress Security Tips

I came across this post on quickonlinetips, who got these tips from Matt Cutts. While I have been following some of them, there are a few tips that are new to me or can be done in a better way, so I am listing them all here.

1. Drop the WordPress Meta Tag

By default, a large number of WordPress themes include the WordPress meta tag, which shows the version of WordPress currently running on the blog. I have even removed the Powered by WordPress links from the footer; this has reduced spam by a certain degree.
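A check for this tip, as an added example that is not part of the original post: the Python script below scans theme templates for the generator meta tag and the Powered by WordPress footer link, so you can confirm both are gone after editing the theme. The function names `audit_template` and `audit_theme` and the sample templates are constructed for illustration.

```python
import re
from pathlib import Path

# Fingerprints discussed in the tip above; patterns are this example's own.
META_TAG = re.compile(r"<meta\b", re.I)
GENERATOR_ATTR = re.compile(r"""name\s*=\s*["']?generator\b""", re.I)
DYNAMIC_VERSION = re.compile(r"""bloginfo\(\s*["']version["']\s*\)""")
LITERAL_VERSION = re.compile(r"WordPress\s+(\d+(?:\.\d+)+)", re.I)
POWERED_BY = re.compile(r"powered\s+by\s*(?:<[^>]+>\s*)*wordpress", re.I)

def audit_template(name, text):
    """Return (file, line_no, kind, detail) for each fingerprint in one template."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        if META_TAG.search(line) and GENERATOR_ATTR.search(line):
            literal = LITERAL_VERSION.search(line)
            if DYNAMIC_VERSION.search(line):
                detail = "prints the running version via bloginfo('version')"
            elif literal:
                detail = "hard-coded version " + literal.group(1)
            else:
                detail = "names the product without a version"
            findings.append((name, line_no, "generator-meta", detail))
        if POWERED_BY.search(line):
            findings.append((name, line_no, "powered-by-link", line.strip()))
    return findings

def audit_theme(theme_dir):
    """Scan every .php template under a theme directory."""
    findings = []
    for path in sorted(Path(theme_dir).rglob("*.php")):
        text = path.read_text(encoding="utf-8", errors="replace")
        findings.extend(audit_template(path.name, text))
    return findings

# Constructed sample templates (not taken from any real theme).
SAMPLE_HEADER = """<head>
<title><?php bloginfo('name'); ?></title>
<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />
</head>"""
SAMPLE_FOOTER = """<div id="footer">
<p>Powered by <a href="http://wordpress.org/">WordPress</a></p>
</div>"""

if __name__ == "__main__":
    samples = {"header.php": SAMPLE_HEADER, "footer.php": SAMPLE_FOOTER}
    for name, text in samples.items():
        for finding in audit_template(name, text):
            print("%s:%d [%s] %s" % finding)
```

An empty result from `audit_theme` means neither fingerprint remains in the template files. It inspects only the templates, so also check the rendered page source.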


to block access to the wp-admin directory using .htaccess. But this will work only if you browse the net with a static IP address. Also, this is not necessary if you are using the latest version of WordPress.

4. Bonus Point: Keep your WordPress blog up to date using the WordPress Automatic Upgrade plugin

8 Comments


Awesome tips! Thanks for sharing.

Haris Posted on Wednesday, August 15th, 2007 at 3:41 pm

Simple but effective tips for security are always the best.

Jamie

Terinea Weblog Posted on Wednesday, August 15th, 2007 at 4:48 pm

Hmm, it's Quick Online Tips, not Quick Tips Online :P ! And yes, those tips were really security helpful! :D

Rishi Posted on Wednesday, August 15th, 2007 at 8:07 pm

I never knew about the problem with the Meta tag. Nice article. I think the last link in your post is not correct.

Nirmal Posted on Thursday, August 16th, 2007 at 9:03 pm

I never gave a thought to that; these are a must-have. I will surely be giving a thought to that.

Vaibhav Posted on Thursday, August 16th, 2007 at 9:19 pm

I’m new to WordPress. Had no idea about the /wp-admin/. Thanks!

Is there any way that I can get rid of the meta tags and retain certain content which previously was meta tagged?

web hosting review Posted on Wednesday, November 14th, 2007 at 10:28 am

I would add one more tip that I have seen happen to blogs that I host. Don’t use the default table prefix wp_; come up with a difficult-to-guess one.
If you already have wp_, it is easy to change through phpMyAdmin.

Sherif Elsisi Posted on Thursday, January 17th, 2008 at 4:46 pm

1. Why would this IP restriction be more effective than a password protection using the similar .htaccess and .htpasswd method, which offers the same level of protection sans the changing of IPs when you move/travel? And let your browser/keychain remember your password so you can just hit enter when prompted.

2. I’m pretty sure most web hosts have directory browsing turned off by default, and in that case, won’t it show a 404 page, thus going to that location makes no sense? However, for those not doing that, I’m pretty sure they have a reason, and if they’re to follow your steps, they must have been smart enough to turn directory browsing off through their Web Host Panel or through .htaccess.

3. This is the least updated feed and we’re talking about WordPress; you’ll definitely hear about new releases within days unless you’re on an extended vacation.

tips blog Posted on Saturday, September 6th, 2008 at 3:00 pm

4 Trackbacks/Pingbacks

Pingback on August 19, 2007

[…] Three WordPress Security Tips […]

Pingback on August 20, 2007

[…] Three Wp security tips - By Arpit Jacob […]

Trackback on September 12, 2007

3 WordPress security reminders…

1. Remove the WordPress version information from the meta tag
Most themes in use place a meta tag in the header.php file.
<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />
And…

Pingback on September 19, 2007

[…] I haven’t exactly found much reassurance. It seems that SQL injection exploits are common. This post offered some nice tips to help foil worms. I need to research the problem further, to make sure I […]


All Rights Reserved Copyright © 2009, and Design by Arpit Jacob.