WordPress Security advice

5 replies
Hi guys,

Just need some advice. I've started blogging for a new client & over the last few days have had some new users appear on the site. They used an email address whose URL led to a dodgy-looking Russian site. I'm pretty sure it's a spam bot that's gotten in and set them up, as the site hadn't been updated to the latest version of WP. I've updated it & deleted the spam users, but am wondering what is the best way to secure the site (apart from changing passwords)? I'm pretty sure WP was set up on this site with an auto install; is there any way to correct this with the current setup, or do I need to uninstall WP & do a manual WP install?
I'm not the most technically advanced Warrior, so any and all help would be invaluable.

Cheers,
Sissy

PS: I've also posted this in the Programming forum, so apologies for any double-up; just not sure which forum is the best for this kind of problem.
#advice #security #wordpress
  • yrsp007
    Security for your site. Is it?
  • wcardinal
    Go here and turn off "anyone can register": /wp-admin/options-general.php

    I would also install the plugin "login lockdown" as well as change your password.
  • 1babywarrior
    Hi there, for WP I suggest using Akismet and reCAPTCHAs for fighting bots and spam. It's also important to always have the latest version of WP installed, since spam bots often get into older versions. Using your .htaccess file in your web root can block a lot of bad bots and URL referrers; it can also stop requests on a per-user-agent basis as well.

    RewriteEngine on

    RewriteCond %{HTTP_REFERER} c1520.nu.mu.sixxs.org/ [NC,OR]
    RewriteCond %{HTTP_REFERER} t66y.com/ [NC,OR]
    RewriteCond %{HTTP_REFERER} c1520.youtw.it/ [NC,OR]
    RewriteCond %{HTTP_REFERER} 1024.liandal.com/ [NC,OR]
    RewriteCond %{HTTP_REFERER} daozi.uk.to/ [NC,OR]
    RewriteCond %{HTTP_REFERER} c1522.mooo.com/ [NC,OR]
    RewriteCond %{HTTP_REFERER} hao.info.tm/ [NC,OR]
    RewriteCond %{HTTP_REFERER} c1520.nu.mu/ [NC,OR]
    RewriteCond %{HTTP_REFERER} us1.pazou.net/ [NC,OR]
    RewriteCond %{HTTP_REFERER} 1024.cimidi.org/
    RewriteRule .* - [F]

    ^^^This blocks the crummy domains from sending anything from their servers or traffic, and just shows them a simple error page; however, you can send them wherever you would like.

    # Forbid requests whose User-Agent contains any of these tokens (case-insensitive)
    RewriteCond %{HTTP_USER_AGENT} ^.*(craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider|leacher|collector|grabber|webpictures).*$ [NC]
    RewriteRule . - [F,L]

    ^^^This does basically the same, but works against known malicious user agents. This is a very tiny list of what potential for disaster is out there. Check your logs and see what interesting strings you find.


    Changing the admin username from admin is also desirable; use a strong password with special chars, letters and numbers. Change the database prefix from wp to anything else random under seven digits. This can be done through phpMyAdmin if it's on your hosting: simply go to the database with the WordPress tables, find users and edit the admin username to something less obvious.

    Use a plugin that blocks logins per attempt from IP; there are several out there and they are essential in protection from brute-force stuff. Login Lockdown is a great choice.

    Change the default upload directory from wp-uploads; a lot of scripts, zombies and baddies use this directory in ping bombs and such. This can be done via the Settings menu in the admin panel: find Media and change the paths to whatever directory you made on the server, like /new/path_to/uploads.

    And even with all that and then some, you will still have to monitor your access logs and user registrations/comments for spammy or malicious activity, since some haters out there know what they are doing, especially if they really don't like your site/campaign.
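    The post above recommends both the .htaccess referer/user-agent rules and checking your access logs. The following is an added example (not from the post or from WordPress) that parses Apache "combined" log lines, mirrors the two rules to count what they would have blocked, and lists the user agents that slipped through for manual review. The log lines are constructed samples, not real traffic.

```python
import re
from collections import Counter

# Referer domains and user-agent tokens taken from the .htaccess rules in the post.
# Note: in RewriteCond the "." in a domain is a regex wildcard; a substring test is close enough here.
BLOCKED_REFERERS = [
    "c1520.nu.mu.sixxs.org/", "t66y.com/", "c1520.youtw.it/", "1024.liandal.com/",
    "daozi.uk.to/", "c1522.mooo.com/", "hao.info.tm/", "c1520.nu.mu/",
    "us1.pazou.net/", "1024.cimidi.org/",
]
UA_PATTERN = re.compile(
    r"craftbot|download|extract|stripper|sucker|ninja|clshttp|webspider"
    r"|leacher|collector|grabber|webpictures", re.IGNORECASE)

# Apache "combined" format: ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$')

def parse_line(line):
    """Return a dict of fields for a combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None

def would_be_blocked(entry):
    """Mirror the two .htaccess rules: case-insensitive referer match, then user-agent regex."""
    ref = entry["referer"].lower()
    if any(dom in ref for dom in BLOCKED_REFERERS):
        return "referer"
    if UA_PATTERN.search(entry["agent"]):
        return "user-agent"
    return None

def audit(lines):
    """Return (blocked_total, Counter of block reasons, Counter of unblocked user agents)."""
    reasons, unblocked_agents = Counter(), Counter()
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue          # skip malformed lines rather than crash on them
        why = would_be_blocked(entry)
        if why:
            reasons[why] += 1
        else:
            unblocked_agents[entry["agent"]] += 1
    return sum(reasons.values()), reasons, unblocked_agents

# Constructed sample log lines (hypothetical, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jul/2011:10:01:02 +0000] "GET /wp-login.php HTTP/1.1" 200 1234 "http://t66y.com/x" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Jul/2011:10:01:03 +0000] "GET /wp-content/uploads/ HTTP/1.1" 403 0 "-" "WebPictures/1.0"',
    '192.0.2.9 - - [10/Jul/2011:10:01:04 +0000] "POST /wp-comments-post.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
]
```

    Run `audit(open("access.log"))` against your real log; the third return value is the list of user agents worth eyeballing for new strings to add to the rule.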
    • Sissy76
      Thanks so much, guys, for your advice; it's been very helpful. I'll implement those & see how it goes. If anyone can get through your suggestions, they're a bigger menace than I can deal with!
      Thanks again, you're awesome!

      Cheers,
      Sissy
  • Abhishek Kundu
    Hi Sissy,
    I had similar problems before with WordPress, but now I have managed to handle it. I would like to share my opinion with you as to how you can secure your WordPress installation.

    STEPS TO FOLLOW

    1. You can go here /wp-admin/options-general.php and turn off "anyone can register".

    2. Check to see that all the inner folders like wp-content, wp-content/plugins etc. have an index.php or index.html file in place. This will help you to prevent directory listing.

    3. You can use the "Spam FREE Wordpress" plugin to avoid spam in your blog posts.

    4. You can install "WP Security Scan" to check your WordPress security level.

    5. Open your theme's functions.php file and add the following code:
    Code:
    // Return an empty string for the generator tag so the WP version is not advertised
    function wpbeginner_remove_version() { return ''; }
    add_filter('the_generator', 'wpbeginner_remove_version');
    This will help you to eliminate the version number of your WordPress installation from both the header and RSS feeds.

    6. Update your WordPress installation and the plugins that you install.

    I hope these 5 tips will help you to secure your WordPress installation with a successful website.