Matt Cutt gave new wordpress security tips

 Matt Cutt is a well know google engineer. He gave recently security tips on wordpress. Wordpress security is always a concern for bloggers who using this platform. The following tips can be helpful for bloggers to get secure from hackers.

1. Drop version string in header.php
The tag in your header.php that displays your current version of wordpress.
<meta name=”generator” content=”WordPress <?php bloginfo(’version’); ?>” />

Since everyone knows your wordpress version this way, your blog is prone to hackers if you have not upgraded to the new version.
Hide your wordpress version by deleting it or simply changing it to
<meta name=”generator” content=”WordPress” />

2. Put a blank index.html in /plugins/ directory.
In a normal wordpress installation, anyone can access your Wordpress plugin folder to see which plugins you have installed. The path is
http://www.yourdomain.com/wp-content/plugins/

Try it for your blog and your entire directory structure is revealed. Just create a blank file in notepad and name it index.html and drop it in your plugins folder and the folder details will no longer be visible to the public and prevent hackers from cracking a plugin security hole.

3. Put .htaccess in /wp-admin/
He points to this article of Protecting the Wordpress wp-admin folder. This will limit access to this folder by IP address and attempts at accessing any file within this folder will be greeted with a Forbidden error message.

The above tips does not gurantee the security of your blog but it may help for small hackers not to invade in your wordpress files. For complete wordpress security one should update the wordpress regularly as wordpress is an open source platform so vulnerabilities is an issue which will continue as it develops more.

Bookmark Now

Related posts

• SET SQL_MODE=NO_AUTO_VALUE_ON_ZERO (2)
• Wordpress is vulnerable to threats (0)
• Sorry you must be at least a level 8 user-wordpress (0)
• Plugins should be use in moderation (0)