Matt Cutts last day did a post on securing your WordPress installation from hackers. He had some really nice tips which are highly useful. So I decided to do a reflection here. Here is the link to the original article by Matt Cutts.
What he means basically is that you should not allow the public to see what or plugins are installed and what version of WordPress you are running. so you need to put a simple index.html file to all the folders of WP install directory that haven’t got one by default. For example visit the plugins directory of this blog . The wordpress version needs to be turned off because if you are using an older version that is prone to attack, it is better not to let the attacker know it directly.
** Caution : Be sure you are running the latest version of WP to avoid risks **
Some related articles you may like :
- WordPress (Version 2.3.3) is out upgrade now
- WordPress 2.5.1 update released
- WordPress (Version 2.3.2) is out upgrade now
- Browser hogging CPU when taking wordpress write post page!
- What to do if your firefox wont load a wordpress blog
- Why is my template selection page in WordPress showing cryptic CSS
- WordPress blog painfully slow except for front page
- TinyMCE editor problem after wordpress2.7 install
One Comment
Well I too had blogged about this few days back. One of my friends got his web design ripped after his theme directory was exposed. This method to protect with an index,html file is also not fool proof.
One Trackback
[...] Secure WordPress against Hackers [...]