The first steps working with WordPress
If you want your blog work properly, immediately after setup of engine it’s needed to organize for the system powerful protection. This term refers to the establishment of certain plugins, hacks and other information changing, to secure your Internet resource and to optimize its work.
The algorithm works as follows:
1. Set access rights. Open the folder wp-content and create in it (if it’s not yet) the folder uploads. To the folders wp-content/cache and uploads assign the rights “777”. In the system there shouldn’t be any folder with this access code.
2. Shield from overview. In the folder with your plugins create a file index.html.
3. Folder wp-admin – limit the access. This can be done by IP blocks, plugin AskApache Password Protect or Login Lockdown. It can also be paroled via the admin panel.
4. Update plugin and the engine in time. In other case, it is enough to use an adapted plugin Instant Upgrade.
5. Change FTP on connection through SSH/Shell. Don’t save password in FTP Manager.
6. File wp-config.php is protected from unauthorized access by writing a code.
order allow,deny deny from all in the file called .htaccess.
7. Remove the file install.php. manually if you have set the WordPress with version below 3.0. In other versions the file is deleted automatically after setup.
8. Enable a service of automatic interruption of session.
Please note that the passwords always should be original and complex. To protect your system use UTF-8 coding, which should be written while creating the database.
Protection by plugins
Possible ways to increase security:
1. The daily backups.
2. Replacement of login url to admin panel. This can be done using the plugin Stealth Login.
3. Protection from XSS attacks. Use plugin Anti-XSS Attack.
4. Use secure and trusted browsers, for instance, Мozilla Firefox, Opera and Google Chrome.
5. The antivirus on the computer should always be in working condition.
6. Use the plugin broken link checker for seeing changes in files and folders.
Also remember that storing the passwords in the browsers you simplify the work of hackers. Also stick to the rule of safe uploads. Avoid unknown suspicious resources.
To protect your blog may help regular checkups for spam. Firstly, it’s required to reread all the comments, and secondly, to use a specially adapted plugins like Akismet.
Having done all the above steps you can protect your web resource from theft and “loss of efficiency”.