Worrying about security sucks. And since WordPress has become one of the most popular publishing platform in the world it has also become a target for hackers.

We’ve had a few questions about keeping WordPress secure so here’s a few good tips and links to get you started.

WordPress Security Tips
WordPress.org offers a few simple tips we use on every site that definitely helps with basic WordPress lockdown.

  1. Don’t name your Administrator user “admin”. This is an option on install and can be changed if y ou are already up and running
  2. Change your database table prefix. Again – this is an option upon install and can also be changed if you are already up and running. We recommend using a random prefix, like “wpX38f4_”
  3. Proper File Permissions are VERY important – set them and forget them. You can do this from your FTP program
  4. Install WP-Security-Scan – it scans your site for vulnerabilities
  5. Protect your wp-config.php file
  6. Make sure your WordPress hosting provider takes security seriously

WordPress Lockdown Video
This is a great video from Brad Williams on locking down WordPress from WordCamp Boston. [Link]