Servage Wordpress Secure

From Servage Wiki
Jump to: navigation, search

If you install Wordpress Secure, you install a Wordpress with an added security plug-in. Please note that the plug-in can't provide 100% security but it should reduce the risk to get hacked. And that's a step in the right direction.

We enabled the following options:

  • User Login:
 - Login Lockdown
 -  Login Lockdown Options
  • User Registration:
   - Manual Approval
       - Manual Approve New Registrations
   - Registration Captcha
       - Registration Page Captcha Settings
  • Database Security:
   - DB Prefix
       - DB Prefix Options
  • Filesystem Security:
   - WP File Access
  • Firewall:
   - Basic Firewall Rules
       - Basic Firewall Settings
       - Wordpress Pingback Vulnerability Protection
       - Block Access to Debug Log File
   - Additinal Firwall Rules
       - Trace and Track
   - Internet Bots
       - Block Fake Googlebots
  • Brute Force:
   - Rename Login Page
       - Rename Login Page Settings
   - Login Captcha
       - Login Form Captcha Settings
       - Lost Password Form Captcha Settings
   - Honeypot
       - Login Form Honeypot Settings
  • Spam Prevention:
   - Comment SPAM
       - Add Captcha To Comments Form
       - Block Spambot Comments
  • Scanner:
   - File Change Detection
       - File Change Detection Settings

Last but not least a few security hints: We highly recommend that you change the admin username to something different. It's much harder to brute force an account if the attacker has to guess two variables instead of just one. Change the e-mail address in the "User Login" section to yours and activate the notification option. If you don't need the ability to change PHP files over the dashboard, it is a good choice to disable this function in the category Filesystem Security -> PHP File Editing. Servage already changed the standard login path, but we advice you to change it to something personal you can remember.

For more detailed information about Wordpress security, please get in touch with the Wordpress community and be aware of Wordpress updates and new security patches. Please be reminded that you are responsible for the security of your scripts and that Servage can't be held accountable for the security of scripts. Therefore, we ask you to keep an eye on the script security.

Personal tools