Welcome to the GoFuckYourself.com - Adult Webmaster Forum forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact us.

Post New Thread Reply

Register GFY Rules Calendar
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Number 1 way to increase security for your WP blog? Number 1 way to increase security for your WP blog?
Discuss what's fucking going on, and which programs are best and worst. One-time "program" announcements from "established" webmasters are allowed.

 
Thread Tools
Old 07-27-2009, 01:13 PM   #1
Juicy D. Links
So Fucking Banned
 
Industry Role:
Join Date: Apr 2001
Location: N.Y. -Long Island --
Posts: 122,992
Number 1 way to increase security for your WP blog?
Change the default admin name from ADMIN to something else. Saves so much drama and hassle down the road. Pass it on.
Juicy D. Links is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:14 PM   #2
natkejs
Confirmed User
 
Industry Role:
Join Date: Jan 2003
Location: Nomad Land
Posts: 1,624
wise words and sigspot
__________________
natkejs is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:19 PM   #3
Juicy D. Links
So Fucking Banned
 
Industry Role:
Join Date: Apr 2001
Location: N.Y. -Long Island --
Posts: 122,992
Quote:
Originally Posted by natkejs View Post
wise words and sigspot
Sometimes the most obvious and commonsense ones are the ones most overlooked...
Juicy D. Links is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:23 PM   #4
natkejs
Confirmed User
 
Industry Role:
Join Date: Jan 2003
Location: Nomad Land
Posts: 1,624
You're right, I'm hitting myself for not thinking of this earlier
__________________
natkejs is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:24 PM   #5
Machete_
WINNING!
 
Industry Role:
Join Date: Oct 2002
Posts: 14,579
Good advice man

If you want to take it one step further:

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account
Last edited by Machete_; 07-27-2009 at 01:26 PM..
Machete_ is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:25 PM   #6
Juicy D. Links
So Fucking Banned
 
Industry Role:
Join Date: Apr 2001
Location: N.Y. -Long Island --
Posts: 122,992
That would work, too. Hackers + Wasted Effort + getting squat = WIN

Quote:
Originally Posted by KrisH View Post
If you want to take it one step further

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account
Juicy D. Links is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 01:31 PM   #7
natkejs
Confirmed User
 
Industry Role:
Join Date: Jan 2003
Location: Nomad Land
Posts: 1,624
Quote:
Originally Posted by KrisH View Post
Good advice man

If you want to take it one step further:

Since day #1 in IT infrastructure - Best practice when it comes to any kind of system security, is to demote the admin to a userlvl with no right at all, and use another character as the real admin.

This goes for scripts, web or PC useraccounts.. everything.


By not removing the character, you have the bruteforce wannabe hackers try and hack a account with no rights instead of trying to find the real sysadmin account
That's very good advise
__________________
natkejs is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 02:42 PM   #8
candyflip
Carpe Visio
 
candyflip's Avatar
 
Industry Role:
Join Date: Jul 2002
Location: New York
Posts: 43,061
Check out the WP Security Scan plugin. This does a few things that help too.
__________________

Spend you some brain.
Email Me
candyflip is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Old 07-27-2009, 02:44 PM   #9
Hentaikid
Confirmed User
 
Hentaikid's Avatar
 
Join Date: Nov 2002
Posts: 1,249
Yeah, putting the wp files in a subdirectory not in the root also helps, and a dozen other little things
Hentaikid is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote
Post New Thread Reply
Go Back   GoFuckYourself.com - Adult Webmaster Forum > >
Number 1 way to increase security for your WP blog? Number 1 way to increase security for your WP blog?
« Previous Thread | Next Thread »

Bookmarks



Advertising inquiries - marketing at gfy dot com

Contact Admin - Advertise - GFY Rules - Top

©2000-, AI Media Network Inc



Powered by vBulletin
Copyright © 2000- Jelsoft Enterprises Limited.