scuttle: wordpress security

Sort by: Date / Title / URL

  1. Tips on how to both detect WordPress hacks and more importantly, prevent future hacks.
  2. The comment referrers plugin stores the HTTP referrer field when a comment is submitted and then adds it to the comment in the admin / email view. Helps to identify spam.
  3. Black Hat Boot Camp have a list of (currently 64,724) WordPress blogs which can be searched or downloaded in plain text format, for free.
  4. A list of vulnerabilities in WordPress versions. Very useful.
  5. A list of security related plugins for WordPress. Some good stuff.
  6. AskApache Password Protect is a WordPress plugin which uses .htaccess and other methods to block some common WordPress attacks. Some of the options get in the way of functionality, but many do not and will help.
  7. Samhain is a multiplatform, open source host-based intrusion detection system (HIDS). Samhain provides file integrity checking, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
  8. The beginnings of the manual for AIDE (Advanced Intrusion Detection Environment), the free replacement for Tripwire.
  9. An article from Noupe.com on securing WordPress installations. Some general tips such as restrict by IPs, block repeated failed logins, disallow directory listings, block access to wp-config.php, etc.
  10. WP Security Scan is a WordPress plugin which scans your WordPress installation for security vulnerabilities and suggests corrective actions.
  11. Article on WordPress security by TechCrunch. Good post encouraging people to keep their version up to date, etc.
  12. Tripwire monitors files on the filesystem for changes as a method of intrusion detection. Similar systems include AIDE and Samhain. Useful for detecting web site hacks.
  13. Donncha writes a useful article on detecting if your site has been hacked, monitoring systems to check for hacks, and how to secure your site to avoid future hacks.
  14. A WordPress plugin that encrypts the admin interface traffic over SSL to increase site security.

First / Previous / Next / Last / Page 1 of 1