Recently my blog got hacked and entire posts and categories got deleted.  This was first experience for me after i started my wordpress blog. I did not have any security features in my blog. After the attack the first thing which i did was to secure my blog.

My experience may help you all to secure your blogs and prevent it from any kind of attacks. Here i am going to explain the security measures i have implemented in my blog.

1)  Database Security.

  • Create a separate MySQL login for wordpress without delete permission. (i know the wordpress need delete permission but as per my understandings, if you delete a blog, it will go to trash means just changing the status of the post, so update and insert permission is sufficient.)
  • Removed all other logins (Hosted in godaddy, there are few Mysql  logins are there for go daddy c pannel access)
  • Set a Hard password for MySQL  Login.
  • Finally you should have a Daily backup of your Database see here

2)   WordPress Security

  • Disabled user Login
  • Installed the following security Plugins , Login LockDown, WordPress Firewall, Bad Behavior
  • Disabled directory listing by adding the following synt. in .htaccess file

Options -Indexes

Post By Gishore J Kallarackal (2,121 Posts)

Gishore J Kallarackal is the founder of techgurulive. The purpose of this site is to share information about free resources that techies can use for reference. You can follow me on the social web, subscribe to the RSS Feed or sign up for the email newsletter for your daily dose of tech tips & tutorials. You can content me via @twitter or e-mail.

Website: → Techgurulive

Connect