Comments on: WordPress Security

By: How to Keep WordPress Secure | Home Business Infopreneur Resources

How to Keep WordPress Secure | Home Business Infopreneur Resources — Tue, 08 Sep 2009 14:35:11 +0000

[...] Alex Sysoef, of Expert WordPress, says that you should never use Fantastico to install your blogs and that you should install them manually. Alex is the one that recommended the report on his blog post WordPress Security. [...]

By: olly@Computer Parts

olly@Computer Parts — Fri, 25 Jul 2008 12:17:46 +0000

One thing with wordpress that has really annoyed me recentely is something , either a hacking attempt or something that is considered malicious appeared on my blog. I was totally unaware until I came up against one of my posts in the SERPS.

Google (and FF3) was blocking my site saying it was potentially harmful – This could ahve been like it for ages – thanks Webmaster Tools for the warning! (none received)

I got this sorted and was allowed back in without the restriction but today I find it has happened again – may have been like it for some weeks.

Now I do not know what it is, something to do with a stat counter so I have been forced to upgrade my wordpress in case its a vulnerability. This has not come without complications as I lost all my categories! Grr – annoying!

By: axioblogger

axioblogger — Tue, 15 Jul 2008 09:04:19 +0000

Wordpress 2.6 has been released. The official wordpress blog claims that worpress 2.6 has fixed 194 bugs. I hope this is true. axiobloggers last blog post..Wordpress 2.6 is Released

By: TheSpot-er

TheSpot-er — Fri, 11 Jul 2008 09:46:06 +0000

Yep, you are.

WP Install through fantastico is completely automated and you have no way to change the prefix.

Alex

By: tonyran@adsenstips

tonyran@adsenstips — Fri, 11 Jul 2008 09:06:46 +0000

Hang on, fantastico dont create tables in the database, wp install did, and its very easy to change the prefix to something else. Am I missing something here?

By: Rhys

Rhys — Thu, 10 Jul 2008 13:00:38 +0000

Thanks Alex! You did a lot of research for this post and your explanations are very helpful. Good one! Rhyss last blog post..Maximize SEO like a ‘Pro’

By: Andy@hair loss

Andy@hair loss — Sun, 06 Jul 2008 16:13:17 +0000

Very well done post, thanks a lot. Compared to our guru Matt Cutts (who gave some indications some time ago in his blog), I found your hints much more concrete and well documented by the reference links.

I once got hacked with a WP blog, and same happened again 2 weeks later until I upgraded. So certainly backups are nice to have, but indeed you never know whether there is any kind of backdoor. It is safer to sleep without this fear.

So in fact I already started with some of the measures, especially adding passwords to the admin section and limiting access to the files.

Indeed changing prefix of database shold be one of the most efficient things to do, but this seems to be a bit more complicated on existings installs with some more plugins than just the basic edition.

By: TheSpot-er

TheSpot-er — Sun, 06 Jul 2008 12:19:39 +0000

Thanks Andy,

Do what I can

By: Barry McDonald@ItWasSoEasy.com

Barry McDonald@ItWasSoEasy.com — Thu, 03 Jul 2008 14:13:53 +0000

Great post,

I’m happy to say I never got hacked but thanks for the heads up and great advice, I’m starting to upload the necessary plugins right now.

By: Dennis Edell

Dennis Edell — Wed, 02 Jul 2008 09:21:32 +0000

Dang! One post I shouldn’t have read. Without fantastico I probably wouldn’t be blogging…at least never gotten started.

Dennis Edells last blog post..First Ever Direct Sales Web Marketing Blog Article Round-Up, Yeehaw!