If you are setting up your web site like many, you may be using one of the easy free open-source Content Management Systems (CMS) like WordPress. WordPress allows one to easily start a web site in only a few steps, from connecting the database to titling the web site.
With the ease of use, also comes responsibility with any type of web application or third party installation. Security. For example, “Hardening” (keeping secure) your WordPress install includes some of the following:
- Keeping your WordPress install updated
- Since version 2.7, WP features automatic updates
- Admin and FTP passwords kept strong / difficult mix of letters, numbers, symbols
- Change your main administrator account username “admin” to another username. With defaults of CMS, many bots will search out to these defaults and will search for ways in
- File Permissions on the server set for your folders to now allow other users to overwrite your files
- Keeping plugins updated
- More info at “Hardening WordPress” on WordPress.org
Your system is always is as strong as your weakest point. If you install third party plugins, make sure those plugins are reviewed and don’t compromise your security too.
We have used WordPress with many clients and one security plugin we suggest is “Bulletproof Security”
Keep your web sites updated and have fun!