ihearvoices
New Member
rather than posting a new thread for each suggestion, maybe it would be better if i just created this one to house them all?
title: WordPress Security Tips
url: knownhost.com/wiki/cms/wordpress-security-tips
sec: Disabling Unnecessary Files & Access
this would have to be checked...
running the find/chmod commands to change permissions is not an optimal solution since one would have to remember to do it every time WP is updated or a plugin is installed, plus there's the risk of damage
in my search for an alternative, i found this...
the following could be dumped in an .htaccess for both /wp-content/plugins and /wp-content/themes
i haven't thoroughly tested this and someone more knowledgeable would have to look at it
title: WordPress Security Tips
url: knownhost.com/wiki/cms/wordpress-security-tips
sec: Disabling Unnecessary Files & Access
this would have to be checked...
running the find/chmod commands to change permissions is not an optimal solution since one would have to remember to do it every time WP is updated or a plugin is installed, plus there's the risk of damage
in my search for an alternative, i found this...
Hardening WordPress: Security through htaccess • ThematoSoup
WordPress security has become a hot topic with the rise of recent security breaches. Make your WordPress website secure with a few htaccess tweaks.
thematosoup.com
the following could be dumped in an .htaccess for both /wp-content/plugins and /wp-content/themes
Code:
order deny,allow
deny from all
<files ~ ".(xml|css|jpe?g|png|gif|js)$">
allow from all
</files>
i haven't thoroughly tested this and someone more knowledgeable would have to look at it