20 {{ upvoteCount | shortNum }}
20 {{ upvoteCount | shortNum }}

WP SECURITY !! Plan of Attack To Make Warriors Successful..

by jmorris18
17 replies
Hello , I have been reading more and more posts daily and I have come to the conclusion that many of you LOVE Wordpress. Wordpress is known as a user friendly platform where you can pretty much build anything that you desire using hundreds of themes plug-ins that are provided. However, another important function is Security. You can have one of the best authority sites within your niche. However, if security is not focused upon then you can loose everything. This includes your files, folders, your rankings in the search engines, your traffic and most importantly your revenue.

With that being said - What Is Your Plan Of Attack when it comes to WP security ? Please share with fellow warriors what you have done to make your business more secure. If you have used a particular product , or if you provide a web service where you provide security installs, create security focused applications , or have researched and have found your very own unique methods of making WP more secure then please share with everyone here on the forum. The more warriors can be protected , the more of a successful business they will have years to come.

Thank you ,
Jason
#attack #make #plan #plugins #secure #security #successful #themes #warriors #wordpress
  • Profile picture of the author Tyler Pratt
    I just make sure I use the WP database backup plugin. I send a daily email to one of my gmail accounts.

    Then if my blog crashed or got hacked I can just go to one of the emails and perform a restore.
    Signature

    Get the Top 11 Millionaire Tools and 7 Of them are FREE
    >> Yes Get Instant Access <<

    {{ DiscussionBoard.errors[1619858].message }}
    • Profile picture of the author jmorris18
      Originally Posted by Tyler Pratt View Post

      I just make sure I use the WP database backup plugin. I send a daily email to one of my gmail accounts.

      Then if my blog crashed or got hacked I can just go to one of the emails and perform a restore.
      Tyler , great information.. I wander if you can also use a backup service like Carbonite , Mozy etc.

      Thanks,
      Jason
      Signature

      Jason Morris

      {{ DiscussionBoard.errors[1619879].message }}
    • Profile picture of the author karlhadwen
      Originally Posted by Tyler Pratt View Post

      I just make sure I use the WP database backup plugin. I send a daily email to one of my gmail accounts.

      Then if my blog crashed or got hacked I can just go to one of the emails and perform a restore.
      I do the exact same.
      {{ DiscussionBoard.errors[1619943].message }}
  • Profile picture of the author jmorris18
    Warriors , lets here what you have done , or plan to do when you launch your WP Blog promoting your business, product or service.

    Thanks
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1619920].message }}
    • Profile picture of the author Tyler Pratt
      Originally Posted by jmorris18 View Post

      Warriors , lets here what you have done , or plan to do when you launch your WP Blog promoting your business, product or service.

      Thanks
      I just updated my WSO with a sweet tool that automates your blog promotion. This drives in crazy amounts of traffic.
      Signature

      Get the Top 11 Millionaire Tools and 7 Of them are FREE
      >> Yes Get Instant Access <<

      {{ DiscussionBoard.errors[1620033].message }}
  • Profile picture of the author jmorris18
    I remember seeing where someone created an empty index files for all main folders. Is this a correct step for WP security ?

    Thanks,
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1620018].message }}
    • Profile picture of the author Tyler Pratt
      Originally Posted by jmorris18 View Post

      I remember seeing where someone created an empty index files for all main folders. Is this a correct step for WP security ?

      Thanks,
      Oh ya that is basic html security. always have index.html inside all folders.
      It can be blank with thing on it.
      Signature

      Get the Top 11 Millionaire Tools and 7 Of them are FREE
      >> Yes Get Instant Access <<

      {{ DiscussionBoard.errors[1620030].message }}
  • Profile picture of the author jmorris18
    What about changing all of the main wp folders from wp.admin to something unique?
    this way hackers are not aware of your admin folders, names etc

    Thanks
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1620043].message }}
    • Profile picture of the author Emmanuel ED
      Originally Posted by jmorris18 View Post

      What about changing all of the main wp folders from wp.admin to something unique?
      this way hackers are not aware of your admin folders, names etc

      Thanks
      That Looks Like a Promising Idea but you'll need to do a lot of coding to get it right.
      {{ DiscussionBoard.errors[1620064].message }}
      • Profile picture of the author TheRichJerksNet
        Originally Posted by Emmanuel Inyang View Post

        That Looks Like a Promising Idea but you'll need to do a lot of coding to get it right.
        My system already does this for you ... It is not that much coding. And yes it does work because hackers have no idea what your admin folder is. Now this does not mean they can not scan your server but this is why you use many more security measures besides just changing the admin folder name..

        I love all the post about I would not mess with changing the name ...lol What most do not realize is most wannabe coders always use "admin" (in this case it is wp-admin) - Hackers know this though.. I never code any script with "admin" as the folder name...

        James
        {{ DiscussionBoard.errors[1622460].message }}
        • Profile picture of the author lovemyth
          Great info!! I love using wordpress..
          {{ DiscussionBoard.errors[1622504].message }}
    • Profile picture of the author Tyler Pratt
      Originally Posted by jmorris18 View Post

      What about changing all of the main wp folders from wp.admin to something unique?
      this way hackers are not aware of your admin folders, names etc

      Thanks
      I wouldn't mess with that, changing folder names could create alot of other stuff to not work.

      For security just make sure you have the latest updates, both main WP and the plugins. Try not to use to many plugins that you are not familiar with.

      And just make sure you backup your database.

      This is all you can really do to make sure your security is good.
      Signature

      Get the Top 11 Millionaire Tools and 7 Of them are FREE
      >> Yes Get Instant Access <<

      {{ DiscussionBoard.errors[1620100].message }}
    • Profile picture of the author Istvan Horvath
      Originally Posted by jmorris18 View Post

      What about changing all of the main wp folders from wp.admin to something unique?
      No, that's not a bright idea... unless you want to spend your days re-writing the WP code instead of internet marketing. All the files and folders are referenced thousand of times in the code.

      Oh, and put index.html files ONLY into the folders that don't have an index.php

      Jason, in all those days you have spent writing hypothetical threads about "what if..." situations you could have create a site/product and be ready to go

      Not happy with WP - don't use it.

      Want to make it more secure?
      Here are some ideas: Hardening WordPress WordPress Codex

      Want even more? - Buy the secure WP (or something like that) from fellow Warrior TheRichJerksNet (not an affiliate).

      And learn that there is no 100% secure website. There will always be hacked sites - WP or not.
      Signature

      {{ DiscussionBoard.errors[1620121].message }}
  • Profile picture of the author jmorris18
    I also have been told by a well known blogger another tip to help prevent hackers from accessing your blogs.. Here is what he had to say.

    "As for extra security, most attacks are done at the FTP level, so I don't allow FTP access to my blog and I shut down port 21, the FTP port. That will kill off 90% of all attempts."

    Thanks,
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1622646].message }}
  • Profile picture of the author jmorris18
    Hey James , thanks for sharing feedback. When can we expect to see an updated version of your product? Also, any plans to have an automated system where it will work with all WP updates?

    Thanks,
    Jason
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1622656].message }}
    • Profile picture of the author TheRichJerksNet
      Originally Posted by jmorris18 View Post

      Hey James , thanks for sharing feedback. When can we expect to see an updated version of your product? Also, any plans to have an automated system where it will work with all WP updates?

      Thanks,
      Jason
      No set date ... Right now working on 2 facebook game apps, upgrades to bookmarks, updates to AP, and several other things .. So kind of busy these days ...

      James
      {{ DiscussionBoard.errors[1622693].message }}
  • Profile picture of the author jmorris18
    Here is another tip that was shared. If you have the following required server requirements then your forms are also protected from hackers. SuExec stops servers from using permissions 777 which is what allow hackers to use php code to access your system through comment forms.

    In otherwords:

    permissions 777 - allows anyone access to your server through forms. 777 means global access to read, write, execute.

    SuExec - Only allows the server owner access to such folders. SuExec means access to read, write, execute to the server root only.

    So , use a web hosts that offers SuExec features.

    Thanks,
    Signature

    Jason Morris

    {{ DiscussionBoard.errors[1622689].message }}

Trending Topics