Tech Stuff » Securing Wordpress http://www.jasonwebber.com Fri, 04 Mar 2011 01:10:11 +0000 en hourly 1 http://wordpress.org/?v=3.0.3 Securing WordPress Part 2 http://www.jasonwebber.com/2008/03/15/securing-wordpress-part-2/ http://www.jasonwebber.com/2008/03/15/securing-wordpress-part-2/#comments Sat, 15 Mar 2008 18:43:48 +0000 Jason http://www.jasonwebber.com/2008/03/15/securing-wordpress-part-2/ After publishing Part I and doing some more searching on Google I came across the WordPress Automatic Upgrade plugin. The plugin will keep your WordPress installation updated to the newest version available. Reading through the comments it looks like a pretty good plugin and I’ll be recommending it to my friends who have problems keeping their versions up to date.

Previously I mentioned that you can use the .htaccess file to block access by IP address. If this is too much trouble or you don’t feel comfortable setting it, then there is another option that provides similar security. The AskApache plugin will create the .htaccess file with a username and password that is controlled at the Apache level to help secure the admin section of your blog.

A final plugin is Login LockDown which will disable the login function automatically lock out an IP range for an hour after 3 failed login attempts in 5 minutes. The plugin can be configured with different options. This will help stop the brute force password discovery.

]]> http://www.jasonwebber.com/2008/03/15/securing-wordpress-part-2/feed/ 0