Easy Wordpress Install » Security

WordPress Security Tip #3

EasyWPAdmin — Tue, 25 Aug 2009 02:04:20 +0000

Help keep your WordPress blog hack-free by regularly updating the core files. It’s easy to do by yourself.

Warning: Be Sure To Back Up Your Database First! You’ve been warned!

Log into your admin dashboard. If an update is available, WordPress will let you know here:

And here as well:

The update can take a few minutes, typically you’ll get no errors unless you have a heavily modified core install (very unlikely, but you I don’t know you).

Share and Enjoy:

Example of Why You Should Change Your Default Admin In WordPress

EasyWPAdmin — Tue, 11 Aug 2009 15:50:38 +0000

Brought to you by Gossemer Threads:

The way WordPress handle a password reset looks like this:
You submit your email adress or username via this form
/wp-login.php?action=lostpassword ;
WordPress send you a reset confirmation like that via email:

”
Someone has asked to reset the password for the following site and username.
http://DOMAIN_NAME.TLD/wordpress
Username: admin
To reset your password visit the following address, otherwise just ignore
this email and nothing will happen

http://DOMAIN_NAME.TLD/wordpress/wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag
”

You click on the link, and then WordPress reset your admin password, and
sends you over another email with your new credentials.

Basically, some jerky hacker hits the admin page login URL with some extra code at the end, telling WordPress to reset your admin password.

Here’s the quick non-tech savvy way of changing it:

1) Log into your WordPress admin panel

2) Create a new admin user, the more discrete the name the better (nothing generic)

3) Be sure they have the administrator role assigned to them

4) Log out, then back in as the new admin user you just created

5) Delete the default user “admin”, WordPress will then prompt you if it needs to assign any new posts/pages to a new user (only if you’ve written anything as the default admin, otherwise you can ignore)

So there you have it. We recommend this as a basic part of securing your WordPress blog, along with our other tips on security as well.

Share and Enjoy:

WordPress Security Tip #2

EasyWPAdmin — Tue, 28 Jul 2009 01:32:32 +0000

New owners of their very own hosted WordPress blog may feel a little overwhelmed with the responsibility they now have. Not only are you in control of the content and the design of your blog, but you must also control the security as well. One of the first things you should do, and the easiest, is to keep track of your WordPress core and plugin versions.

First step is to log into your WordPress blog and check the dashboard. Here you can easily see the WordPress version your are running (2.8.2 currently) and if any of your plugins have updates that need to be applied:

As you can see from the picture (above), we are running the most current core version of WordPress, but one of our plugins need to be updated. Click the “Plugins” menu item on the left. This will open up a list of all your plugins currently installed. Scroll down the list to see what needs updating (see below):

The quickest way to complete the update is to click the “upgrade automatically” text. WordPress will download the newest version, update the plugin, and automatically reactivate it. If any errors occurred you will be notified.

Need help updating or installing WordPress?

Share and Enjoy:

WordPress Security Tip #1

EasyWPAdmin — Wed, 15 Jul 2009 17:24:54 +0000

Brute force login attempts are annoying and can be dangerous to the security of your WordPress blog. Luckily there are some plug-ins that can help. We recommend Login Lockdown. Why? Three reasons:

Easy to setup
Easy to administrate
Most importantly, it works!

Need help updating or installing WordPress? Give us a try!

Share and Enjoy: