CMS WordPress is the most widely used, both for the benefit of organizations and individuals. Along with its popularity, more and more also are trying to find a weakness of this engine, like a tree faster and faster the higher the wind.
Here are tips to increase the security that must be known by you who use Wordpress as a Content Management System or platform that is working to set the look, content, user administration, plugins, addons and the like.
User Administrator / Admin
By default after mengintall wordpress, then we will get the admin user. Do not penah! using the admin user, change the admin user with other users, such as your name combined with numbers. Most cases of piracy wordpress user is using the admin user using brute force.
Breaker logic is more difficult because they have to guess the username and password, while if you use the user name admin, the breaker just have to attacking your password.
Protect wp-admin Folder
Wp-admin folder is also a dangerous gap that is often used by attackers to infiltrate into your website. amankanlah-amankanlah-amankanlah! how? might be a little more work, but will not take 5 minutes to do so.
create a file. htacess that contains the settings that restrict IP whatever that can access this directory, the settings as follows:
Order deny, allow
deny from all
# Allow my work IP address
Allow from 192.168.1.123 192.168.1.124
Htaccess example script above to mengijikan IP 192.168.1.123 and 124 access the wp-admin folder. Most of us are internet users with a dynamic IP, whether we should change the IP every time you want to access wp-admin? the answer is Yes. To change this htaccess file you can use SFTP. Or you can use other security methods such as ApachePassword Protect example.
Use SSH instead of SFTP or FTP
The reason is simple with the SFTP data transfers that occur will happen encripsi, while FTP does not, in addition to effort and how to use FTP and SFTP are relatively similar.
Make index.html
A simple way is powerful enough to protect a specific folder so as not browsable. create index.html files with contents up to you, for example, contains the sentence: directory access is Forbes. then save it in the plugins folder and other folders. Remember the step-step hacking is to do profiling, by knowing which plugins you use it a lot of information that can be used to find the weaknesses of your website.
Make index.html
A simple way is powerful enough to protect a specific folder so as not browsable. create index.html file.
Similarly, in the present article is titled : Check Your WordPress Security
Related Post :
No comments:
Post a Comment