Log in
Register
Search
Search titles only
By:
Search titles only
By:
Forums
New posts
Forum list
Search forums
Leaderboards
Games
Our Blog
Blogs
New entries
New comments
Blog list
Search blogs
Credits
Transactions
Shop
Blessings: ✟0.00
Tickets
Open new ticket
Watched
Donate
Log in
Register
Search
Search titles only
By:
Search titles only
By:
More options
Toggle width
Share this page
Share this page
Share
Reddit
Pinterest
Tumblr
WhatsApp
Email
Share
Link
Menu
Install the app
Install
Forums
Leisure and Society
Society
Technology
Webmasters & Developers
How to start Wordpress Blog
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Sketcher" data-source="post: 76494463" data-attributes="member: 27106"><p>Keep WordPress, and all your plugins and themes up-to-date so you'll have the latest security patches. </p><p>For the hosting, make sure its PHP, web server (usually Apache), and database server (usually MySQL) are kept up-to-date so they have the latest security patches. </p><p>Also make sure your site is behind a good web application firewall (WAF). This could be ModSecurity on the webserver (with a good ruleset - no rules means no protection), or using a service like Sucuri's WAF, or both in combination. </p><p>Back up the site often (preferably daily) and keep older backups (I often recommend 2 monthlies). Hackers tend to compromise a site, lay low for a few weeks, and then slowly become more and more obvious. Having backups from before disaster strikes is essential. There should also be copies of these outside of the server.</p><p>Don't add too many plugins. They're not all tested with each other, and the more you add, the more you risk making the site both slower and broken. It's fine to have a few good ones, but if I'm seeing the number approach 20 while people complain about how slow their sites are, then I begin suspecting that as a contributor. </p><p>If the site's needs get too big for you, you probably need a developer to help you. Finding a good one can be a challenge in and of itself, and you want this person to be absolutely trustworthy. Maintain a good relationship with this person! Disgruntled devs can become very damaging hackers. </p><p>Use long, strong passwords (15 characters at least), make sure they cannot be easily guessed, cracked, or otherwise obtained, and only enter them on encrypted, secure connections. That means HTTPS, SFTP, or FTPS. Don't use HTTP or FTP when entering these passwords, they are unencrypted and insecure. </p><p>Don't keep the old version of the site in a subfolder of the main site. That's a wide-open door for hackers. Keep the old copy completely outside of the main site's document root. </p><p>If you get hacked, you or your developer will need to check the site files AND the database for code that isn't supposed to be there. So make sure you keep good backups of both of them, safe and secure which you can use to compare with the suspicious new site copy. </p><p></p><p>WordPress is something like 40% of the Internet. As such, it is a major target, and WordPress sites get hacked a lot. Taking these steps to protect yourself is essential.</p></blockquote><p></p>
[QUOTE="Sketcher, post: 76494463, member: 27106"] Keep WordPress, and all your plugins and themes up-to-date so you'll have the latest security patches. For the hosting, make sure its PHP, web server (usually Apache), and database server (usually MySQL) are kept up-to-date so they have the latest security patches. Also make sure your site is behind a good web application firewall (WAF). This could be ModSecurity on the webserver (with a good ruleset - no rules means no protection), or using a service like Sucuri's WAF, or both in combination. Back up the site often (preferably daily) and keep older backups (I often recommend 2 monthlies). Hackers tend to compromise a site, lay low for a few weeks, and then slowly become more and more obvious. Having backups from before disaster strikes is essential. There should also be copies of these outside of the server. Don't add too many plugins. They're not all tested with each other, and the more you add, the more you risk making the site both slower and broken. It's fine to have a few good ones, but if I'm seeing the number approach 20 while people complain about how slow their sites are, then I begin suspecting that as a contributor. If the site's needs get too big for you, you probably need a developer to help you. Finding a good one can be a challenge in and of itself, and you want this person to be absolutely trustworthy. Maintain a good relationship with this person! Disgruntled devs can become very damaging hackers. Use long, strong passwords (15 characters at least), make sure they cannot be easily guessed, cracked, or otherwise obtained, and only enter them on encrypted, secure connections. That means HTTPS, SFTP, or FTPS. Don't use HTTP or FTP when entering these passwords, they are unencrypted and insecure. Don't keep the old version of the site in a subfolder of the main site. That's a wide-open door for hackers. Keep the old copy completely outside of the main site's document root. If you get hacked, you or your developer will need to check the site files AND the database for code that isn't supposed to be there. So make sure you keep good backups of both of them, safe and secure which you can use to compare with the suspicious new site copy. WordPress is something like 40% of the Internet. As such, it is a major target, and WordPress sites get hacked a lot. Taking these steps to protect yourself is essential. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Leisure and Society
Society
Technology
Webmasters & Developers
How to start Wordpress Blog
Top
Bottom