Daily Archives: May 16, 2012

I’ve been hard at work implementing an increased level of security for a client who has a number – more than 10 – of WordPress sites. These sites were repeatedly being hit by the bad guys, who gained access to her WordPress installations via brute force attacks. These attacks exploited vulnerabilities in the standard WP configuration and added a large number of bogus subscribers.

In an effort to “harden” this client’s WP sites, I’ve been working with a tool called Better WordPress Security by Bit51. There are a large number of WP security plug-ins available – most of them are free – but Bit51’s seems to combine fixes for most of the known WP vulnerabilities that can be remedied into one package. For example, did you know that the standard WP table prefix of “wp_” is an open invitation to mischief via PHP injection attacks? A savvy hacker can cobble together a bit of PHP code that wreaks havoc with the WP database simply because the default table prefix is very seldom changed. Bit51’s plug-in will generate a random table prefix and automatically apply it to the WP database.
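What a prefix change involves, as an added example (not Bit51's code and not from the original post): it reads `$table_prefix` from `wp-config.php` text, picks a random replacement, and lists the SQL a standard single-site install needs, including the prefixed keys WordPress stores inside the options and usermeta tables. The function names, sample config and table list are constructed for illustration.

```python
import re
import secrets
import string

# Constructed sample: the relevant part of a stock wp-config.php.
SAMPLE_CONFIG = """<?php
define('DB_NAME', 'example_db');
$table_prefix  = 'wp_';
"""

PREFIX_RE = re.compile(r"""^(\s*\$table_prefix\s*=\s*)(['"])(\w+)\2(\s*;)""", re.M)

def current_prefix(config_text):
    """Return the $table_prefix value found in wp-config.php text, or None."""
    m = PREFIX_RE.search(config_text)
    return m.group(3) if m else None

def random_prefix(length=6):
    """Random prefix: a letter, then lowercase letters/digits, then '_'."""
    alphabet = string.ascii_lowercase + string.digits
    body = "".join(secrets.choice(alphabet) for _ in range(length - 1))
    return secrets.choice(string.ascii_lowercase) + body + "_"

def migration_plan(config_text, tables, new):
    """Return (updated config text, SQL statements) for switching to prefix `new`."""
    old = current_prefix(config_text)
    if old is None:
        raise ValueError("no $table_prefix assignment found")
    if not re.fullmatch(r"[A-Za-z0-9_]+", new):
        raise ValueError("prefix must contain only letters, digits and underscores")
    sql = [f"RENAME TABLE `{t}` TO `{new}{t[len(old):]}`;"
           for t in tables if t.startswith(old)]
    # WordPress also embeds the prefix in row keys, so these must follow the rename:
    # the roles option in the options table and per-user keys in usermeta.
    sql.append(f"UPDATE `{new}options` SET option_name = '{new}user_roles' "
               f"WHERE option_name = '{old}user_roles';")
    like = old.replace("_", r"\_") + "%"  # escape '_' so LIKE treats it literally
    sql.append(f"UPDATE `{new}usermeta` SET meta_key = "
               f"CONCAT('{new}', SUBSTRING(meta_key, {len(old) + 1})) "
               f"WHERE meta_key LIKE '{like}';")
    new_config = PREFIX_RE.sub(
        lambda m: f"{m.group(1)}{m.group(2)}{new}{m.group(2)}{m.group(4)}", config_text)
    return new_config, sql

if __name__ == "__main__":
    tables = ["wp_posts", "wp_options", "wp_usermeta", "wp_users"]  # constructed list
    config, statements = migration_plan(SAMPLE_CONFIG, tables, random_prefix())
    print(config, *statements, sep="\n")
```

Take a database backup before running the generated statements, and put the edited `wp-config.php` in place at the same time as the SQL so the site never points at tables that no longer exist.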

This is just one example from a whole slew of tweaks and fixes in this plug-in. It can even handle database backups for you, and I know from my own experience that finding a reliable backup utility that actually does what it’s supposed to can be a tall order. Many of them are half-baked at best, do not work with all server configurations, or lost their support long before WordPress 3.x came on the scene.

Some of the recommended tweaks do not work with all themes or server configurations, but this package is well worth the time taken to install and configure it. Even if you can’t use some of the fixes that Better WordPress Security offers, any amount of security is better than none at all.

Better WordPress Security is “donation-ware”, which means that it’s free for you to use, but Bit51 would certainly appreciate any legal tender you send their way. If you’re trying to decide whether you pay the electric, gas and water bills this month, not to worry; Bit51 will gladly accept Tweets and/or posts about Better WordPress Security, which is what I’m doing here. I’m also going to nag my client about a significant donation to the cause.

Go to bit51.com/software/better-wp-security/ to learn more.
