Jomeokee Trail at Pilot Mountain

WordPress Security Tips

January 18, 2008 Filed under: Blogging

Matt Cutts has posted three security tips for WordPress users. Here’s a quick overview:

  1. Protect your wp-admin directory with an .htaccess file
  2. Protect your wp-content/plugins folder with either a blank index.html or an .htaccess file
  3. Keep your WordPress install up to date by keeping tabs on the WordPress development blog

I was already doing item 1, though I don’t currently handle IP white-listing (that’s an appealing idea). Item 2 was something I didn’t even know to do. When I checked to see if my plugins were listed, they did indeed show up. I have since corrected this issue. Item 3 is a no-brainer.

Matt also suggests removing the WordPress meta tag from your theme’s header.php file (which I have also done). This particular “bonus” tip doesn’t add a whole lot, but it at leasts cuts down on your broadcasting what version of WordPress you have installed.

« Sun Purchases MySQL Three iTunes Annoyances »
 

Leave a Reply

The following XHTML tags are allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>