| Posted by BORIStheBLADE, 12-23-2011, 05:38 PM | | Besides having a good password is there anything someone can do to secure their site?
Thanks
|
| Posted by Patrick, 12-23-2011, 05:58 PM | | Are you looking to secure a single website or an entire server? The advice will differ greatly for both, because if you don't have root (admin) access than you're limited in what you can do to increase security.
|
| Posted by BORIStheBLADE, 12-23-2011, 06:04 PM | | I was looking to see what else I can and should do with access to my share. Entire access to my server share. If that makes any sense.
Mike
|
| Posted by AMSWebHost, 12-23-2011, 06:20 PM | | The advice will also depend on what sort of site that you have.
But you can do the standard things such as making sure you have set the correct file permissions, scripts that you use are up to date and changing your password regularly.
|
| Posted by BORIStheBLADE, 12-23-2011, 06:36 PM | | In the root I just have Wordpress installed. I haven't installed any scripts because I really don't need any. I don't even know if I could with a shared host.
|
| Posted by PlotHost-Max, 12-23-2011, 06:46 PM | | To secure WordPress you should look here http://codex.wordpress.org/Hardening_WordPress
|
| Posted by BORIStheBLADE, 12-23-2011, 07:57 PM | | Thanks for the info.
|
| Posted by hwsgeek, 12-24-2011, 01:03 AM | | If you want to keep your wordpress installation secure, you must keep version up to date, also all plugins should be updated as well.
|
| Posted by Server Management, 12-24-2011, 01:05 AM | | I would highly recommend keeeping your wordpress installation upto date, Wordpress is well known to be exploited, I think wordpress is the most exploited script I have come across in shared hosting...
|
| Posted by fshagan, 12-24-2011, 12:24 PM | | Probably because it has the most number of installations overall. It is estimated that something like 26% of all new sites run Wordpress.
It is the easiest script to update, as an update notification appears in the Admin section, you click a link and it updates itself. It and phpBB scored the lowest number of vulnerabilities on a recent survey of over 1 million web hosts.
But the real problem with Wordpress is not the core files of the program itself. Some plugins and themes are abandoned and are not updated frequently. If the author is active and has provided an update, the same one-click process updates his script. But if he has abandoned it, you have no way of knowing if the code is up to date or not.
Its better to use either a very common, and frequently updated, free theme or one that is maintained and commercial (i.e., Woo Themes, Elegant Themes, etc.) Avoid plugins unless you really need them. If a plug in or theme has not been updated in the last six months, avoid it.
|
| Posted by SafeSrv, 12-24-2011, 04:08 PM | | A few things you could do..
Strong FTP/Control panel passwords and only use those passwords for your site -
Limit access to script admin areas ( Essential ) -
Encrypt config files, anything with database details -
Make sure your scripts/plugins/modules are all up to date -
Proper file permissions on directory and files -
Try not leave any directory's writable if possible -
Any folders such as cache folder upload folders, try move them outside your web root
|
| Posted by BORIStheBLADE, 12-24-2011, 05:18 PM | | I pretty much do the same.
|
| Posted by BORIStheBLADE, 12-24-2011, 05:25 PM | | Good info, will look into it.
Thanks
|
|
 Add to Favourites
 Print this Article
|
