about us

simplewebhosting.co.uk blog simplewebhosting.co.uk blog


Archive for April, 2015

Secure your WordPress installation

Tuesday, April 21st, 2015

We’ve recently been plagued with a number of hacking and spamming events caused by WordPress installations. Or, more accurately, out-of-date WordPress installations.

As great a piece of software as WordPress is, if it’s not kept up-to-date with the latest releases and security patches then it becomes a magnet for even the most amateur hacker. Scripts such as xmlrpc.php can be easily manipulated to send out large amounts of spam. You may not think this is an issue for you personally but if just one of those spam messages hits a spam trap, then the server’s IP address is blacklisted and other users will find they’re unable to send mail.

We’re not having a go at WordPress here. It’s a great piece of software and there’s a reason it’s the world’s most popular blogging platform, however you cannot simply install it and forget about it. It MUST be kept up-to-date. This issue is not restricted to WordPress of course – it affects any PHP software running on your server – WordPress is just more of a target due to the volume of installations out there.

There are many tools freely available that can ‘lock-down’ your WordPress installation – one we’ve played with ourselves is:

https://wordpress.org/plugins/better-wp-security/

It’s a WordPress plugin that’s available free, very easy to install and provides a run-down of the things you should do once you’ve installed WordPress (such as disabling the dreaded xmlrpc.php!)

There are server wide settings we can employ that will help stop some of these attacks however they also restrict genuine functionality which then causes more issues.

about us
top

blog blog

 
top

blog categories blog categories

 
top

blog archives blog archives

 
top

blog categories popular blogs

 

 
10 reasons 10 reasons to choose simplewebhosting.co.uk