mike29 — 2011-10-18T05:15:02-04:00 — #1
At last Ive finished my first wp site. The part that I havent really got into yet is its security.
The way I have it setup on my mac is htdocs/sitename/wordpress. Before uploading the htdocs file is there any noobie thing I should think about doing before I do, any suggestions would be really helpful
logic_earth — 2011-10-18T06:26:44-04:00 — #2
Well the first mistake I can see from your post...You put security at the end of your project, it should have been at the beginning, the middle, and the end. Security needs to be part of the entire process, not an after thought you do at the end.
For any suggestions, I'm not sure. I would need to have a much deeper examination.
mike29 — 2011-10-18T10:44:00-04:00 — #3
Yeh I guess so but this is the only choice I have now.
Like I say its my first site, all Ive done is use a template and a couple of plugins, just wondering what most people do security wise with a wp site before uploading....?
shnook — 2011-10-18T11:33:08-04:00 — #4
Well first things first is to backup all your files on a separate drive or online ftp, other than your hosting. If you haven't done that already you should do so ASAP. This is incase of updates from plugins or possibly your WP theme turning things FUBAR.
zerpex — 2011-10-18T13:17:35-04:00 — #5
The wonderful thing about Wordpress nowadays, is that it's very secure if its updated.. According to plugins and templates, if you just follow the guidelines from the wordpress codex, you should be covered. Sometimes when searching Wordpress's forums, you'll maybe find better solutions for doing things, but mostly if you use the functions wordpress provide, don't worry about security then, because they've defined it, and should be very secure..
So yeah, I would give it a try, especially if you've build a theme, it should be very wrong, if you could really make some huge security issues. At least when I've been doing some themes, I've been following the guidelines, and yeah, I haven't found any issues yet.
mike29 — 2011-10-18T13:46:06-04:00 — #6
Right ok thats good to know
There does seem to be alot of plugins to help which is reassuring. I just wondered if there was anything I can do to the files before uploading them e.g zipping them with a password, renaming etc
zerpex — 2011-10-18T13:52:21-04:00 — #7
I couldn't see a reason to rename them, or zipping them with a password. If there's very private information in those files, and you're running wordpress, there's something wrong. If you store login information or so, you can always store the PHP files outside the www root, but that requires, that you recode a little of your theme/plugins.
But yeah, if it's just about security, nah, then you're good to go.
innocent12345 — 2011-10-18T13:58:34-04:00 — #8
Hi James,fist of all, let me congratulate you on your first wp blog.Just as Zerpex has said wordpress is secure if you are using the latest version. Having said that, it really does not mean you should forget security completely. Good luck!
mike29 — 2011-10-19T04:57:03-04:00 — #9
Thanks alot guys
Just shopping around now for a host, looks like some are quite good for wp uploads.
zerpex — 2011-10-19T05:42:42-04:00 — #10
Check ur PM
debm452 — 2011-10-19T05:51:12-04:00 — #11
There are several steps to securing your wordpress installation. Check this out