WordPress Security – Should you be concerned?

Being a developer, I recently started to specialise in WordPress based corporate websites. I never had any security problems at my current host, BlueHost, but one of my customer’s website is constantly under attack. Mostly Javascript code being injected.Why? Passwords too short, .htaccess missing, no security plugins…It’s not that hard to put some basic security. I have found these plugins to be pretty useful:

  • Bulletproof Security
    Bulletproof Security creates a more secure .htaccess that prevents XSS attacks.
  • WP-Scanner
    Scans files and detects suspicious portions of scripts.

There is also an online scanner, that’s running free scan for the moment. Worth a try:

https://www.sitesecuritymonitor.com

Previous Next

One Comment (+add yours?)

  1. Yashvin
    Aug 15, 2010 @ 14:01:50

    That’s the cool thng abt WordPress. You do not need to re-invent the wheel. Everything is there, freely provided by the large community of wordpress developers around the world.

    Since more than 2 weeks, I am experiencing some issues too, most probably something related to the shared hosting server and security. Tried some hacks in the htaccess, which decreased the frequency of the errors. Need to look into that again, so that I can take off the “Precautionary measure” text just before my comment box.

Leave a Reply