[wp-edu] FW: wp-edu Digest, Vol 47, Issue 2
Skriloff, Nicholas
SkriloffN at darden.virginia.edu
Tue Sep 10 12:49:26 UTC 2013
Believe it or not, managing wordpress security, backups, the right
plugins that do not clash AND production, staging and dev environments
can be a lot.
I am considering moving our stuff to wp-engine.com to turn this stuff over
to them. What should I consider?
On 9/10/13 8:00 AM, "wp-edu-request at lists.automattic.com"
<wp-edu-request at lists.automattic.com> wrote:
>Send wp-edu mailing list submissions to
> wp-edu at lists.automattic.com
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.automattic.com/mailman/listinfo/wp-edu
>or, via email, send a message with subject or body 'help' to
> wp-edu-request at lists.automattic.com
>
>You can reach the person managing the list at
> wp-edu-owner at lists.automattic.com
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of wp-edu digest..."
>
>
>Today's Topics:
>
> 1. Re: WP - security concerns? (Brianne Binelli)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Tue, 10 Sep 2013 06:03:47 -0500
>From: Brianne Binelli <bbgoldkey at gmail.com>
>To: "Low-traffic list discussing WordPress in education."
> <wp-edu at lists.automattic.com>
>Subject: Re: [wp-edu] WP - security concerns?
>Message-ID:
> <CA+s3GNY_-uuv2WuEChDhTMK6c96d6jbr=AWnBrMoHeBRxen69A at mail.gmail.com>
>Content-Type: text/plain; charset="iso-8859-1"
>
>I receive a lot of security alerts on wp. I do have a Admin user name to
>get into the dashboard do you think this may be causing the problem. I
>thought you need to create a admin user name.
>
>thanks
>have a great day
>
>
>
>On Mon, Sep 9, 2013 at 8:19 PM, Covello, Steve
><Steve.Covello at granite.edu>wrote:
>
>> Geez - I have had ZERO infections via WordPress in 4 years.
>>
>> Plugins:
>>
>> Wordfence Security
>> WP Firewall 2
>> Secure WordPress
>> WP Secure Scan
>> WordPress HTTPS
>> WP Ban
>>
>> Best Practice:
>>
>> NO accounts named "admin"
>> htaccess file in wp-admin
>> NO default table prefixes in wp-config, such as "wp_". Change it to
>> "wp_xRwFG_" or whatever.
>> original salt data in wp-config:
>> https://api.wordpress.org/secret-key/1.1/salt/
>> Secure high quality passwords
>> Updated malware scans on user devices
>> Gravity Forms used on all forms, with CAPTCHA
>> SFTP on FTP accounts
>>
>> Occasionally check on Sucuri.net. If you want to be on top of it,
>> subscribe to their scan service.
>>
>> There are other hardening plugins out there.
>>
>> - Steve
>>
>>
>>
>> ------------------------------
>> *From:* wp-edu [wp-edu-bounces at lists.automattic.com] on behalf of Leslie
>> Melvin [melvin at bard.edu]
>> *Sent:* Monday, September 09, 2013 6:18 PM
>> *To:* wp-edu at lists.automattic.com
>> *Subject:* [wp-edu] WP - security concerns?
>>
>> Hi Folks,
>>
>> We have been hosting WP Multisite (for course blogs and as a blog
>> supplement to our program websites) for a few years, with mixed results.
>> Our community (users) love the flexibility of WP, but it has proven to
>>be
>> an unexpected support burden for IT...it seems that all of our
>> website/network hacks have been introduced via WP.
>>
>> I haven't seen the topic addressed by this group, so it appears our
>> experience is isolated, which would lead me to suspect we are missing
>>some
>> simple safe-guards. Have any of your institutions dealt with WP-related
>> security issues? Have you found any successful, secure configurations,
>>and
>> if so, would you be willing to share your experiences with us? WP is
>> proving to be such a valuable tool...
>>
>> If so, I will bring our Networks and Systems folks into the
>> conversation, as they could answer specific questions related to our
>> configuration and protocols.
>>
>> Many thanks in advance!
>>
>> Best,
>> Leslie
>>
>> *---*
>> *Leslie A. Melvin | Manager, Academic Technology Services
>>
>> BARD COLLEGE
>> PO Box 5000 | 204 Old Henderson |
>> Annandale-on-Hudson, NY 12504
>> office: 845.758.7496 | http://www.bard.edu
>> *
>>
>>
>> _______________________________________________
>> wp-edu mailing list
>> wp-edu at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-edu
>>
>>
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL:
><http://lists.automattic.com/pipermail/wp-edu/attachments/20130910/9c502a4
>5/attachment-0001.html>
>
>------------------------------
>
>Subject: Digest Footer
>
>_______________________________________________
>wp-edu mailing list
>wp-edu at lists.automattic.com
>http://lists.automattic.com/mailman/listinfo/wp-edu
>
>
>------------------------------
>
>End of wp-edu Digest, Vol 47, Issue 2
>*************************************
>
More information about the wp-edu
mailing list