Posts

Showing posts from April, 2010

WordPress Sites Being Hacked; Are You Safe?

Over the last few months, hundreds of Wordpress-powered websites were hacked so that they redirected readers to malware sites. This was not the result of a vulnerability with Wordpress per se. Rather, the culprit seems to be a lax file-access setting that allowed any visitor to access a file that contained database configurations, which were used to hack the website.

I have a written a brief guide on securing WordPress. Item 8 is spot on here: set your permission properly. I use WP Security Scan to make sure that all the key files are set to the strictest settings that allow WordPress to function normally. You can make the necessary changes using the File Manager on CPanel. However, take this chance to make sure that all of these security settings have been instituted on your WordPress blog.

The only additional plugin I have used since writing the previous guide is the Antivirus plugin. Unfortunately, this plugin is useful only when your blog is working perfectly. Make sure your blog …