Wordpress Security

[gopinath112]

Hello all

A few days back one of my site get hacked and recovered it now.Iam looking if some one suggest me how to secure WP site.May be its help full to many others too

Thank you.

 

[-saMmy-]

i dont know exactly but you must install latest WP version plus dont download stuff from internet much.

 

[CloudShadow]

hm... were you on a shared hosting or vps? From what i know, WP is already very secure. You just need to be on the lastest version all the time to avoid exploits.

 

[masterb56]

Be careful of the plugins you install like that db backup plugin

 

[gopinath112]

ya what happen if we install db backup plugin?

i installed Backupbuddy before

 

[masterb56]

There was a known exploit there if I recall, haven't used it since.

 

[p2p4ever]

recently w3 total cache plugin contained a backdoor and this was released on the OFFICIAL Site and was removed shortly...make sure you avoid that plugin for some time

 

[gopinath112]

oh ok i uninstalled it

 

[ShareShiz]

if someone gets your login and you have a backup plugin. well .. there goes your site and everything youve done.

backup plugins gives the person ALL the info they need to get rid of your site.

best to just do the backup yourself.

 

[BlackHatKnight]

Look here for more information
http://www.wjunction.com/showthread.php?t=94214

i hope that this isn't spam :facepalm:

 

[rahul23]

Good one BlackHatKnight. i have many wp sites, never got attacked. I was when i had some nulled script in my site.

 

[BlackHatKnight]

Good one BlackHatKnight. i have many wp sites, never got attacked. I was when i had some nulled script in my site.

i am happy that you liked my thread and i wish that won't happen again to you and if you have to use nulled script be sure to get it from the right place and don't install it before moderator approved it or it gets many good comments that it is save

 

[Vick]

You should get:

1. WP W3 cache
2. BulletProof Security

It's all you need, well WP Seo Ultimate as well.

 

[Kw3rLn]

dont install shitty plugins and you'll be fine.

 

[joomlaserviceprovider]

Protect you WordPress site admin with wSecure Authentication

Greetings. We are pleased to announce the release of wSecure. wSecure hides your Wordpress admin URL with a special key so that only you can access. The problem with Wordpress is that anyone can tell if your site is Wordpress by simply typing in the default URL to the administration area (i.e. www.yoursite.com/wp-admin). wSecure helps you hide the fact that your website is built with Worpdress from prying eyes.

Check out wSecure in action here: http://wp.joomlaserviceprovider.com