- This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
Viewing 6 posts - 1 through 6 (of 6 total)
- The forum ‘Other’ is closed to new topics and replies.
The forums ran from 2008-2020 and are now closed and viewable here as an archive.
I have dealt with a couple different situations where a users WordPress site has been hacked. I understand there are a number of factors that can play into this, but I am curious about what you do during your installation process to keep your WordPress install secure.
I subscribe to the Digging into WordPress way, where you install an a separate directory other than the root. What about you?
I can not say for sure that these sites were hacked because of something that I did, but I would like to make sure that I am doing what I can to protect each site I setup.
I use these plugins for security:
http://seanfisher.co/2011/01/lockdown-wp-admin/
http://www.websitedefender.com/secure-wordpress-plugin/
@JoshWhite Put WordPress in its own folder, rather than the root.
I use Vaultpress. Sure, it’s $15 a month, but for secure and reliable backups of absolutely everything it’s a small price to pay.
Another plus 1 for “website defender”. Also I lock down my admin root with a .htaccess that only allows me to log in from certain IP addresses. Also running a “stop” bad queries script in my plugins folder.
Thank you for the feedback everyone, there are a lot of good options here!