The Ultimate WordPress Security Guide - Make Your Site Hackproof @ MyThemeShop - 0 views
-
Even if you hand over the security role for your site, you should still have a good understanding of WordPress security – so you can be sure you’re really getting the protection you need.
-
recognize risk signs. A risky product is: Rarely updated – it’s hard to code a security fix for a theme you’ve virtually abandoned Has many bad consumer reviews Lacks adequate support Has a bad history of being hacked
-
how do you know if a theme or plugin has been hacked in the past? You can start by checking wpvulndb – a database that tracks thousands of exploits across a wide range of plugins and themes.
- ...10 more annotations...
-
Google is your best choice for finding the vulnerabilities that are not listed in wpvulndb.com. Just type “plugin-name exploit”
-
Insecure plugins and themes are the main WordPress security risks. So it’s extremely important to make careful choices.
-
It’s better to deactivate the plugin than run it. You can either find a replacement or wait until the issue is fixed.
-
If you ever experience a “white screen of death” after updating your plugins, there’s a simple procedure that will fix the situation: Disable all plugins. One by one, activate each plugin you absolutely need Then activate the plugins that are not essential, but have cosmetic value – again, do it one by one Finally, delete the plugins you don’t need
-
Top security pros rely on automated software that scans their networks and sites for weaknesses, notifying them of problems. It gives them the ability to respond quickly. You can do the same with ReScan.
-
You can use .htaccess files to prevent hackers from looking at code they shouldn’t see – including your wp-config file