Thread: How to make your WordPress Blog 100% Secure

  1. #1
    Kishan, Senior Member (joined May 2009; Dibrugarh, Assam, India; 154 posts)

    How to Make Your WordPress Blog 100% Secure


    Every WordPress blogger wants to make his blog 100% secure so that no hacker could hack it. So, I have written a tutorial to do it:-

    1. First of all add the following code at the beginning of your .htaccess (located in public_html folder) file:-

    Options -Indexes

    If you have a static ip address then you can also add the following code:-

    AuthUserFile /dev/null
    AuthGroupFile /dev/null
    AuthName "Access Control"
    AuthType Basic
    order deny,allow
    deny from all
    allow from xx.xx.xx.xx

    You will have to change the xx.xx.xx.xx to your static ip address.

    If you have a dynamic ip address then use this code:-

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{REMOTE_ADDR} !^xxx\.xxx\.
    RewriteRule .* tech-Know kishan [R,L]
    </IfModule>

    You will have to change the xxx.xxx to your dynamic ip address’s first six numbers. For example, if your dynamic ip address is 111.111.111.1 then you should change it to 111.111. After doing this, you’ll be only able to access the wp-admin folder if your ip address starts from what you have given in the htaccess file.

    2. Change your user from admin to something else. If you don’t know how to do it then follow the tutorial:-

    a. Go to Users>Add New and fill up the details. Select “Administrator” as the role.
    b. Log out from the admin account and log in to the new account.
    c. Go to Users and delete the admin account.
    d. Check the button and select the newly created user name in the drop down box.
    e. Now click on Confirm Deletion.

    3. Download the following plugins and install them:-

    WP Security Scan – It will perform a security check of your blog and tell you what shall be fixed in your blog.

    Chap Secure Login – It will send the password encrypted when you login for non-ssl blogs.

    Login LockDown – It will block the IP for (user set) minutes after giving (user set) login attempts to block Brute Force and Dictionary Attacks.

    If you don’t know how to install WordPress plugins then go to this link and follow the instructions given there.



    4. Change your WordPress database prefix. If you don’t know how to do it then go to this link and follow the tutorial.

    Some tips which you should follow:-

    • Always update your WordPress version and plugins.
    • Change your admin password weekly.
    • Choose a unique password with uppercase, lowercase, numbers, spaces and special characters (e.g. K!$_h@N) and never use it in other websites.
    • Never tell anyone what Plugins and WordPress version you are using.


    Last edited by Kishan; 17th June 2009 at 09:58.
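
Added example, not part of the original post: the IP allow-list from step 1 written for both Apache 2.4 (`Require ip`) and the Apache 2.2 syntax the post uses. It assumes the file is wp-admin/.htaccess, that 203.0.113.10 stands in for your own address, and that the site needs admin-ajax.php reachable by visitors.

```apache
# wp-admin/.htaccess  (added example; addresses are placeholders)
# Needs AllowOverride AuthConfig (2.4 syntax) or Limit (2.2 syntax).

# Apache 2.4: mod_authz_core replaces Order/Deny/Allow.
<IfModule mod_authz_core.c>
    # Static address. 203.0.113.10 is a documentation address.
    Require ip 203.0.113.10
    # Dynamic address: allow the provider's range instead, using the
    # post's xxx.xxx placeholder for the first two octets.
    # Require ip xxx.xxx
</IfModule>

# Apache 2.2: the syntax used in the post.
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    Allow from 203.0.113.10
</IfModule>

# Assumption: plugins or themes call admin-ajax.php from the public
# site, so that one file stays reachable for every visitor.
<Files "admin-ajax.php">
    <IfModule mod_authz_core.c>
        Require all granted
    </IfModule>
    <IfModule !mod_authz_core.c>
        Order allow,deny
        Allow from all
    </IfModule>
</Files>
```

A two-octet prefix admits 65,536 addresses, so the dynamic-address form narrows who can reach the login page rather than identifying one user.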

  2. #2
    krimon, Banned (joined Jun 2009; 3 posts)


    Great job, thanks
