Wordpress Security
I'm not alone in having come under attempted SQL Injection attacks and they can be quite sustained. Over the past six days I have had 1400 attempts and it continues to rise.
You can see how devastating it can be for those who do get infected and the actions taken to rectify it by reading this post on Techjaws.
For WordPress self hosted users it is essential to change your password frequently, at least on a weekly basis and if coming under attack change it daily which will thwart brute force dictionary attacks.
Ensure that you use a good, strong password consisting of numbers, letter,symbols and special characters in upper and lower case.
I use a minimum 20 character length, I won't give too much detail but it gives me a good and strong 126 bit password.
Other tools to add apart from the ones added by Frank J in his article on WordPress Security Tips there are a few more that can be added to bolster security.
WordPress File Monitor which will monitor your files and alert you to changes. Users can access this through their Dashboard > Settings once installed and setup is easy.
WordPress Firewall which can be easily setup to block directory traversals, SQL queries, WordPress specific terms such as wp_, and more.
Secure WordPress which removes version of WordPress, creates an index.html file in /plugins to stop it from showing your directory listing and a few other simple options as well as access to the WordPress scanner to scan your site for vulnerabilities.
These are simple steps to securing WordPress.
Related posts:
WordPress Security Tips By Frank J on TechJaws
PHP Script Injection Exploit by Kristi on TechJaws
How to Stop Your WordPress Blog Getting Hacked by David on Sem Labs
Surf Safer, Surf with WOT - Click Here or the links below
Web of Trust for Internet Explorer
Web of Trust for Firefox
Web of Trust for Google Chrome
Free PC Security, Securing Wordpress, Security Tips, Wordpress Firewall, WordPress File Monitor, Secure WordPress
