securing wordpress

Posted on by

Notes on how to secure wordpress 2.7.1 (this is all pretty well documented, but I ran into a couple of dohs!)

o Remove the default admin user
o Create a user you want to login as
o Login as this new user
o Remove the ‘admin’ user – assign all posts to new user

o Force all admin features via HTTPS, edit wp-config.php

define('FORCE_SSL_ADMIN', true);

o Force logins via SSL, edit wp-config.php

define('FORCE_SSL_LOGIN', true);

Things I ran into was a cut and paste error inserting those annoying smart quotes, but once I did that everything’s golden.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>