[wp-edu] WP - security concerns?
bbgoldkey at gmail.com
Tue Sep 10 11:03:47 UTC 2013
I receive a lot of security alerts on wp. I do have a Admin user name to
get into the dashboard do you think this may be causing the problem. I
thought you need to create a admin user name.
have a great day
On Mon, Sep 9, 2013 at 8:19 PM, Covello, Steve <Steve.Covello at granite.edu>wrote:
> Geez - I have had ZERO infections via WordPress in 4 years.
> Wordfence Security
> WP Firewall 2
> Secure WordPress
> WP Secure Scan
> WordPress HTTPS
> WP Ban
> Best Practice:
> NO accounts named "admin"
> htaccess file in wp-admin
> NO default table prefixes in wp-config, such as "wp_". Change it to
> "wp_xRwFG_" or whatever.
> original salt data in wp-config:
> Secure high quality passwords
> Updated malware scans on user devices
> Gravity Forms used on all forms, with CAPTCHA
> SFTP on FTP accounts
> Occasionally check on Sucuri.net. If you want to be on top of it,
> subscribe to their scan service.
> There are other hardening plugins out there.
> - Steve
> *From:* wp-edu [wp-edu-bounces at lists.automattic.com] on behalf of Leslie
> Melvin [melvin at bard.edu]
> *Sent:* Monday, September 09, 2013 6:18 PM
> *To:* wp-edu at lists.automattic.com
> *Subject:* [wp-edu] WP - security concerns?
> Hi Folks,
> We have been hosting WP Multisite (for course blogs and as a blog
> supplement to our program websites) for a few years, with mixed results.
> Our community (users) love the flexibility of WP, but it has proven to be
> an unexpected support burden for IT...it seems that all of our
> website/network hacks have been introduced via WP.
> I haven't seen the topic addressed by this group, so it appears our
> experience is isolated, which would lead me to suspect we are missing some
> simple safe-guards. Have any of your institutions dealt with WP-related
> security issues? Have you found any successful, secure configurations, and
> if so, would you be willing to share your experiences with us? WP is
> proving to be such a valuable tool...
> If so, I will bring our Networks and Systems folks into the
> conversation, as they could answer specific questions related to our
> configuration and protocols.
> Many thanks in advance!
> *Leslie A. Melvin | Manager, Academic Technology Services
> BARD COLLEGE
> PO Box 5000 | 204 Old Henderson |
> Annandale-on-Hudson, NY 12504
> office: 845.758.7496 | http://www.bard.edu
> wp-edu mailing list
> wp-edu at lists.automattic.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the wp-edu