Turnip has a great post about protecting your WordPress blog and the entire installation, so to speak. It’s a excellent addition to a post by Matt Cutts I read earlier this year giving 3 tips on protecting your WordPress installation.
To add something to this, what I personally also use is a WordPress plugin called Login LockDown by Michael VanDeMar. It may be similar to creating a particular .htaccess file discussed on the above blogs but may be easier to create using this plugin.
Besides this, I strongly encourage everyone to upgrade to the newest WordPress version whenever available (currently v2.5) so you close old security leaks and ban attackers.
—Marcus Hochstadt
Like this article? Please consider sharing it! :-)
Login lockdown looks interesting, it stops a particular ip address from temporarily accessing the admin login page. It would be more useful if it showed you the passwords being used to guess. Also, it looks like it hasn’t been updated to WordPress 2.5 yet.
Instead I modify the wp-admin folder to only allow access from my IP address. If I change IP addresses, I have to change the .htaccess file. That’s a pain, but I’d rather have the additional security.
I have no been a blogger for very long 6 months in fact and I must confess to liking the WordPress blog format. I currently use Blogger but an considering a change to WordPress as it seems to have much more functionality compared to the Blogger platform.
After pissing off a wannabe EntreCard hacker, I think I ought to take up the advice offered by Turnip and Marcus to make my WordPress powered blog more secure. O_O
Thanks, Turnip. And yes, the .htaccess thing is certainly the safer option for those blogging from known IP addresses.
Let’s secure our installations!
Yeah i heard too .htaccess file helps to increase security . I like wordpress.
i know lots of tips protect wordpress, this tips if one of them, and its very useful and effective