Are you using any wordpress security plugins? If so which ones do find worth installing. Which ones do you use and can recommend?
-
Try "Secure WordPress" -
Log in Lockdown is a good first step. Also, changing your default admin name from admin to something else is a good second step.
Comment
-
ok thanks gonna check them out. One more question: when you're changing the database prefix from default wp_ to something else, when you finished renaming in phpmyadmin and not yet changed it in wp-config.php , when someone visits your site he's seeing a new installation of wordpress with the fields to fill username password etc. so if you have a high traffic site, anyone can change this or is it only you seeing it?Comment
-
Anyone can change it. But I have an idea. Instead of renaming tables, just copy them and give new prefixes. Change wp-config.php to the new prefix and delete old tables. This will prevent displaying configuration page and your page will be all the time up.Comment
-
Yeah! At least one person here who is against Wordpress too
This plugin at least removes version number from every place, so it is more difficult to recognize version of WP. Script kiddies will omit such a Wordpress and chose the one with visible version to use latest sploit for it.Comment
-
Thanks for the tip kazymjir, none of the tutorials I found on the web mentioned this way of changing the prefix. They all recommend doing a temporary "down for maintance" page and redirect all traffic there. Your method is painless.Comment
Comment