As all of the WordPress users out there know, the "admin" section of the installations is one of the most important areas of your site. That being said, it should also be one of the most well protected parts. This new article from Smashing Magazine has ten tips that you can use to help protect you and your blog from prying eyes.
The administration area of a Web application is a favorite target of hackers and thus particularly well protected. The same goes for WordPress: when creating a blog, the system creates an administrative user with a perfectly secure password and blocks public access to the settings area with a log-in page. This is the cornerstone of its protection. Let’s dig deeper!
Here's their ten tips:
- Rename and Upload the wordpress Folder
- Extend the file wp-config.php
- Move the wp-config.php file
- Protect the wp-config.php file
- Delete the admin User Account
- Choose strong passwords
- Protect the wp-admin Directory
- Suppress Error Feedback on the Log-In Page
- Restrict Erroneous Log-In Attempts
- Keep Software Up to Date