WordPress & Internet Security
Internet Security for your WordPress website
With malware and hacker attacks making the news every second day securing your website has never been more important. Vlad Lasky gave a great talk at WordCamp Sydney last weekend explaining some of the issues involved in securing your WordPress website and how to make sure your website is as secure as possible. As the LinkedIn affair a few months ago taught us, no one is immune from hacker attacks but there are some easy-to-implement solutions for small business owners and bloggers.
Below you will find Vlad Lasky’s slideshow that he presented at Sydney University. For those in a hurry here’s a brief outline of some of his key points:
- Ensure you have an SSL certificate on your website
- Install a WordPress plugin that prevents brute force attacks- that is a hacker entering millions of different passwords until they get it right
- Install an application firewall plugin, like WP Firewall 2, to help prevent SQL and PHP injection attacks against your WordPress site
- Don’t make changes to your website when you are using a public wi-fi network such as a cafe. If you really have to access your WordPress website from a public/ untrusted computer always use two-factor authentication
- Ensure your passwords are at least 12 characters long and not dictionary words
- Have a different password for every site
- Change your admin name from admin to something less obvious as this immediately makes life harder for hackers
Securing your WordPress Website – Vlad Lasky – WordCamp Sydney 2012 from WordCamp Sydney