Many famous blogs have been hacked and defamed before. To avoid the same disaster from happening to your own blog, you can try the tips below to make your Wordpress blog more secure, at least from the view of script kiddies.
Tip 1 :Remove Wordpress ‘version string’ in your theme files
- Go to Wordpress dashboard, click on presentation -> edit themes -> header.php
- Find and remove this.
bloginfo('version')Save the file.
Tip 2
lace empty ‘index.html’ file in the plugins
folder- Open Notepad. Click ’save as’ and save the file as index.html (be sure to change the filetype from text files to all files)
- Upload the file to Wordpress plugins folder in your web server.
Tip 3: Upload a copy of .htaccess file in the wp-admin folder
- Using FTP program or your webserver file manager, go to the root folder of your server and download .htaccess file (set ’show hidden files’ first if you’re using FTP program such as FileZilla)
- Go to your wp-admin folder
- Upload the .htaccess file you’ve downloaded just now.
Thanks to ro.botys for passing us the three Wordpress security tips.
You can also disallow users pretending to be search engine/ search engines from crawling the core Wordpress folders by putting these in your robot.txt file (upload the file to root of your Wordpress installation folder when you’ve finished).
# This rule means it applies to all user-agents
User-agent: *
# Disallow all directories and files within
Disallow: /wp-admin/
Disallow: /wp-includes/
1 comments:
This is my first visit to your web journal! We are a group of volunteers and new activities in the same specialty. Website gave us helpful data to work. File share
Post a Comment