Recently found How to Firewall Your WordPress Blog to be useful. From the website:

You already know to use a decent password for your blog, but brute-force or dictionary attacks aren’t the only attacks used against bloggers. It’s much cheaper and faster to exploit software flaws, and that the hackers do. A programmer’s oversight may allow a hacker to gain access to your blog to insert spyware, adware, or links to various pharmaceuticals you’d prefer not to speak about in front of your mother.

And it’s not just WordPress proper. WordPress has caught some major criticism for its security holes — but lately it’s been a bunch of insecure plugins, not WordPress itself. Matt Mullenweg counters the argument that WordPress is insecure over here. I think he’s totally right — WordPress has a rich “plugin ecosystem” that no other blogging platform can touch.

However, the problem remains. WordPress has some great plugins that are written by people with the best of intentions — but who may not understand the importance of sanitizing data provided by untrusted users, and its relationship with security. Upgrading often, setting permissions, using good passwords, etc. — that all helps a lot — but unless you have the time and ability to painstakingly audit all program code for security vulnerabilities, you’d be best off running one of the WordPress firewalls —

Great!  Yet something else that needs to be done!  But would be well worth tackling!

[How to Firewall Your WordPress Blog]

Related articles:

Reblog this post [with Zemanta]

Similar Posts:

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

Trackback link - http://www.dailycupoftech.com/2009/04/12/halt-hackers-with-a-wordpress-firewall/trackback/
Tim Fehlman