Links from the featured topic of episode one:
The Codex
Hardening WordPress
Changing File Permissions
Editing wp-config.php
General Tutorials
12 Clever Tips for Securing Your WordPress Site via WPCandy
How to: Secure Your WordPress Blog via Mashable
Now That’s What I Call Security (Presentation slides by Brad Williams)
Plugins
Block Bad Queries plugin from Jeff Starr
WordPress File Monitor plugin from Matt Walters
WP Security Scan plugin by hallsofmontezuema
Server Buddy plugin by Plugin Buddy
WordPress Exploit Scanner plugin by donncha, duck_, ryan, azaozz and tott
Vaultpress from Automattic
For Developers
Other ideas to consider
- Choose a VPS or dedicated server for a mission-critical site.
- Protect your content from scraping and hot-linking.
- Force SSL when you’re logged into the admin.
- If you can’t use SSL, use a proxy server when you log into your site on open Wi-Fi networks.
- If you’re developing a plugin or advanced theme, use nonces and data validation.
- Protect Your Site with a Blackhole for Bad Bots.
- The most insecure factor of WordPress, via @Ipstenu on Twitter