GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Number 1 way to increase security for your WP blog? (https://gfy.com/showthread.php?t=918275)

Juicy D. Links 07-27-2009 01:13 PM
Number 1 way to increase security for your WP blog?
 
Change the default admin name from ADMIN to something else. Saves so much drama and hassle down the road. Pass it on.:thumbsup

natkejs 07-27-2009 01:14 PM
wise words and sigspot

Juicy D. Links 07-27-2009 01:19 PM
Quote:
Originally Posted by natkejs (Post 16112171)
wise words and sigspot
Sometimes the most obvious and commonsense ones are the ones most overlooked... :2 cents:

natkejs 07-27-2009 01:23 PM
You're right, I'm hitting myself for not thinking of this earlier

Machete_ 07-27-2009 01:24 PM
Good advice man

If you want to take it one step further:

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account

Juicy D. Links 07-27-2009 01:25 PM
That would work, too. Hackers + Wasted Effort + getting squat = WIN

Quote:
Originally Posted by KrisH (Post 16112204)
If you want to take it one step further

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account

natkejs 07-27-2009 01:31 PM
Quote:
Originally Posted by KrisH (Post 16112204)
Good advice man

If you want to take it one step further:

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account
That's very good advise :thumbsup

candyflip 07-27-2009 02:42 PM
Check out the WP Security Scan plugin. This does a few things that help too.

Hentaikid 07-27-2009 02:44 PM
Yeah, putting the wp files in a subdirectory not in the root also helps, and a dozen other little things


All times are GMT -7. The time now is 01:06 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123