Comments on: Video How-to: 10 Tips To Make WordPress Hack-Proof http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof make the web, make more of it Mon, 10 Sep 2012 21:42:51 +0000 hourly 1 By: the_guv http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-1177 the_guv Mon, 10 Sep 2012 21:42:51 +0000 http://guvnr.com/?p=862#comment-1177 M. Blimey, your comment kinda slipped thru the net, sorry for delay. But! "“Mix it up with letters, digits and special characters, upper and lower case.” is not a good way to do this. A longer password is far far better." No. You need both. And if that sounds hard to remember, *just use LastPass*. And as for the length, using a decent password manager there's no excuse not to have a 16, 20 or even 24bit (character-length) password. (I use 24bit on all my passwords ... call me paranoid But why not?) ... Nice cartoon though, thank you :) M. Blimey, your comment kinda slipped thru the net, sorry for delay.

But!

““Mix it up with letters, digits and special characters, upper and lower case.” is not a good way to do this. A longer password is far far better.”

No. You need both. And if that sounds hard to remember, *just use LastPass*. And as for the length, using a decent password manager there’s no excuse not to have a 16, 20 or even 24bit (character-length) password.

(I use 24bit on all my passwords … call me paranoid But why not?)

… Nice cartoon though, thank you :)

]]> By: M http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-376 M Thu, 10 May 2012 15:24:58 +0000 http://guvnr.com/?p=862#comment-376 Point 5. starts out well, more secure passwords are better, but "Mix it up with letters, digits and special characters, upper and lower case." is not a good way to do this. A longer password is far far better. http://xkcd.com/936/ Explains this much better than I can. Point 5. starts out well, more secure passwords are better, but “Mix it up with letters, digits and special characters, upper and lower case.” is not a good way to do this. A longer password is far far better.

http://xkcd.com/936/

Explains this much better than I can.

]]> By: the_guv http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-374 the_guv Sun, 18 Mar 2012 07:58:08 +0000 http://guvnr.com/?p=862#comment-374 @Dess. No way, buddy! Security requires a multi-faceted approach - secure local PC, secure web connection, secure web server, each with various configurations. Some plugins merely assist. @Sennik. Ditto above. Ie, no! @Pat. You can have 1 .htaccess per directory. @parw. Yes, buy my book, which contains hundreds of pages worth of fixes. ... even better, wait and I'll be launching a new edition very soon, plus a website alongside ... the existing book's already out of date - typical! @Prabin. Yes, and it didn't but it does work now. (Good point ... ) UPDATE: WP SECURITY SCAN IS AGAIN WORKING FINE ... it wasn't being maintained for a long time but is again now, and provides the easiest way to change that db prefix (once the platform has already been installed) @Dess. No way, buddy! Security requires a multi-faceted approach – secure local PC, secure web connection, secure web server, each with various configurations. Some plugins merely assist.

@Sennik. Ditto above. Ie, no!

@Pat. You can have 1 .htaccess per directory.

@parw. Yes, buy my book, which contains hundreds of pages worth of fixes.

… even better, wait and I’ll be launching a new edition very soon, plus a website alongside … the existing book’s already out of date – typical!

@Prabin. Yes, and it didn’t but it does work now. (Good point … )

UPDATE: WP SECURITY SCAN IS AGAIN WORKING FINE … it wasn’t being maintained for a long time but is again now, and provides the easiest way to change that db prefix (once the platform has already been installed)

]]> By: ShelleyN http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-373 ShelleyN Wed, 07 Mar 2012 18:34:14 +0000 http://guvnr.com/?p=862#comment-373 Guv, Enjoyed this post. Some of it is a bit over my head. Seems a bit technical. Never thought about hiding the WordPress Version...this is one I'll definitely be looking in to. Thanks for sharing! Guv, Enjoyed this post. Some of it is a bit over my head. Seems a bit technical. Never thought about hiding the WordPress Version…this is one I’ll definitely be looking in to. Thanks for sharing!

]]> By: Dess http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-372 Dess Mon, 06 Feb 2012 11:45:26 +0000 http://guvnr.com/?p=862#comment-372 Is there no one click plugin that will secure my WP blog? I was hacked 2 times within a weeks interval. Some guy from fiverr.com helped me recover it. The second hack was probably by an Islamist fanatic because my page and all the redirect links from my domain show their message. Now if you know any 1 click secure plugin please. Is there no one click plugin that will secure my WP blog? I was hacked 2 times within a weeks interval. Some guy from fiverr.com helped me recover it. The second hack was probably by an Islamist fanatic because my page and all the redirect links from my domain show their message. Now if you know any 1 click secure plugin please.

]]> By: Hack-Proofing Wordpress Site | Estudyante http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-371 Hack-Proofing Wordpress Site | Estudyante Thu, 24 Nov 2011 15:01:21 +0000 http://guvnr.com/?p=862#comment-371 [...] Credits to Guvnr.com [...] [...] Credits to Guvnr.com [...]

]]> By: Sennik http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-370 Sennik Mon, 14 Nov 2011 22:44:04 +0000 http://guvnr.com/?p=862#comment-370 Is it possible to protect Wordpress only via .htaccess file ? Is it possible to protect WordPress only via .htaccess file ?

]]> By: Pat http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-369 Pat Sat, 05 Nov 2011 23:11:29 +0000 http://guvnr.com/?p=862#comment-369 I've got the .htaccess file with all the Begin Wordpress...End Wordpress stuff in it. The file is in the /public folder and when I move it to wp-admin, my site conks out, moving it back agin fixes things. Not sure how I can have the file into wp-admin without the site breaking. Is it possible to have 2 copies? Thanks I’ve got the .htaccess file with all the Begin WordPress…End WordPress stuff in it. The file is in the /public folder and when I move it to wp-admin, my site conks out, moving it back agin fixes things. Not sure how I can have the file into wp-admin without the site breaking. Is it possible to have 2 copies?
Thanks

]]> By: parw http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-368 parw Mon, 26 Sep 2011 09:40:25 +0000 http://guvnr.com/?p=862#comment-368 Hi, I have already done everything that you suggest, but last day my blog has been hacked. I don't know what to do ? Have u something else to suggest me. Thanks for reply Hi,
I have already done everything that you suggest, but last day my blog has been hacked. I don’t know what to do ? Have u something else to suggest me.
Thanks for reply

]]> By: Georgia http://guvnr.com/web/blogging/10-tips-to-make-wordpress-hack-proof#comment-367 Georgia Tue, 06 Sep 2011 18:45:33 +0000 http://guvnr.com/?p=862#comment-367 Have had 2 of my Wordpress sites hacked twice. Thanks for this. Never had any problems with WP installations until recently. Glad someone like you is posting walk throughs like this. very helpful. Thank you. Have had 2 of my WordPress sites hacked twice. Thanks for this. Never had any problems with WP installations until recently. Glad someone like you is posting walk throughs like this. very helpful. Thank you.

]]>