Hardening WordPress

iThemes Security (formerly Better WP Security) iThemes Security is the #1 WordPress Security Plugin iThemes Security (formerly Better WP Security) gives you over 30+ ways to secure and protect your WordPress site. On average, 30,000 new websites are hacked each day. WordPress sites can be an easy target for attacks because of plugin vulnerabilities, weak passwords and obsolete software. Most WordPress admins don't know they're vulnerable, but iThemes Security works to lock down WordPress, fix common holes, stop automated attacks and strengthen user credentials. Maintained and Supported by iThemes iThemes has been building and supporting WordPress tools since 2008 like BackupBuddy, our WordPress backup plugin. Get Plugin Support and Pro Features Get added peace of mind with professional support from our expert team and pro features to take your site's security to the next level with iThemes Security Pro. Pro Features: iThemes Sync Integration Manage more than one WordPress site? iThemes Brute Force Attack Protection Network Protect Detect

Sécuriser WordPress en 15 points En 2013 plus d’un site internet sur 5 est fait sous WordPress, ce qui fait de ce CMS une plateforme de choix pour les développeurs de plugin mais aussi cible de choix pour tout un tas de tentatives de piratage ou autre tentative d’intrusion automatisées. Le pourquoi ? est assez simple : poser de la publicité, créer des liens vers d’autres sites, télécharger votre contenu… bref gagner de l’argent avec votre site. Revenons à nos moutons. Dès l’installation : oubliez vos habitudes 1. Utilisez un générateur de chaines aléatoires pour générer un login d’au moins 8 caractères, si possible avec au moins un caractère non alpha numériqueSi “admin” existe, créez un nouvel administrateur, attribuez-lui toutes les publications d’admin et supprimez admin 2. 3. 4. 5. 6. Après l’installation, la configuration : htaccess En fonction de ce que permet votre hébergeur, vous pouvez ne pas avoir accès au fichier .htaccess, ce qui n’est pas une catastrophe. 7. Protégez wp-config.php avec .htaccess 8. 10. 11.

Easy Digital Downloads Easy Digital Downloads is a complete eCommerce solution for selling digital products on WordPress. Learn more at EasyDigitalDownloads.com. Sell effortlessly Whether it is software, documents, photos, ebooks, songs, graphics, videos, or any other type of media file, Easy Digital Downloads provides a complete system for effortlessly selling your digital products. Easy Digital Downloads is an invaluable tool that I use throughout my business and for my clients. All the eCommerce features you need Do you prefer an eCommerce solution which is simple and intuitive or one which is rich in features? EDD gives me a solid platform out of the box, with the flexibility of being able to customize anything I want or need to. Here are some of the features supported out-of-the-box: Frontend shopping cart – Customers can browse your product catalogue, add items to their cart, and checkout when they are ready. Localized for your language Support for many payment gateways, including Stripe and PayPal Get help

BulletProof Security htaccess Core Website Security (Security/Firewalls) WordPress Website Security Protection: BulletProof Security protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection... hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. Security Logging. HTTP Error Logging. Login Security & Monitoring Website Security (Security/Monitoring) Login Security & Login Monitoring: Log All User Account Logins or Log Only User Account Lockouts (see Screenshot). BulletProof Security is Website Performance Optimized (Performance/Optimization) Website performance is just as important as website security. FrontEnd/BackEnd Maintenance Mode (Security/Development) Display a website under maintenance page with Countdown Timer to website visitors while the website displays and functions normally for you. Translations

BulletProof Security BulletProof Security Feature Highlights .htaccess Website Security Protection (Firewalls)Login Security & MonitoringDB Backup - Manual and ScheduledDB Backup LoggingDB Table Prefix ChangerSecurity LoggingHTTP Error LoggingFrontEnd/BackEnd Maintenance ModeUI Theme Skin Changer BulletProof Security Pro Feature Highlights BulletProof Security One-Click Method vs Multiple Separate Option Settings BulletProof Security uses a one-click setup method vs breaking up options and settings into multiple separate different options and settings. htaccess Core Website Security (Security/Firewalls) WordPress Website Security Protection: BulletProof Security protects your website against 100,000's of different hacking attempts/attacks. Login Security & Monitoring Website Security (Security/Monitoring) Login Security & Login Monitoring: Log All User Account Logins or Log Only User Account Lockouts (see Screenshot). DB Backup: Database Backup Website Security (Security/Backup) Translations

Hide Your WordPress Login from Author Archive » IT Pixie | Your Personal IT Helper You here: Home » WordPress » Hide Your WordPress Login from Author Archive Did you know your WordPress login username can be leaked quite easily via author archive page’s permalink? The important part here is /author/username/, as this is where your login username could be leaked. When you create a new user on your WordPress site, you assign this user a username for login purposes. There is a field in your WordPress database called user_nicename, which is found in the wp_users table. user_nicename is populated with the login username as the user is created. WordPress uses user_nicename to put together the author archive page permalink. For example, you’ve created a new user called testuser. So a hacker can look at the URL and guess that the username for Test User could be testuser. By changing user_nicename to something very different from your actual login username, it becomes more difficult for hackers to figure out what the login username is.

Trouver version de Wordpress dans la BD | Enigma Solution Trouver version de WordPress dans la BD Supposons la situation suivante: Vous n’avez plus accès à votre installation WordPress et vous vous demandez quelle version de WordPress vous aviez installée pour pouvoir la réinstaller. Vous vous êtes retrouvez dans une situation semblable? Et bien voici comment trouver votre version de WordPress. Comment trouver version WordPress dans BD Et bien sachez qu’il est possible de retrouver la version de WordPress que vous aviez d’installé et ce, directement via la base de données (BD) de votre installation. Version de BD WordPress Voici de quelle façon vous pouvez connaître la version de votre installation de WordPress et ce, même si vous n’avez plus accès aux pages de votre site. Tout d’abord, vous devez identifier la version de la base de données WordPress: 1. SELECT * FROM `wp_options` where option_name = ‘db_version’ NOTE: Si vous décidez de simplement consulter le contenu, attention, il y a plusieurs lignes de paramètres. Versions WordPress

25+ Must-Have WordPress Plugins for 2014 Every WordPress developer has a toolkit of plugins they can’t live without that usually includes solutions for caching, security and adding other improvements that build on WordPress core. That’s the great thing about WordPress – in the WordPress Plugin Repository alone there are more than 30,000 plugins that build on core, allowing you to bend the software to your will. But with so many free and premium plugins available, how do you sort the good from the bad? Below is a collection of essential plugins, all chosen based on their usefulness, quality and popularity. Is your favourite plugin on the list? What other plugins would you recommend? Details W3 Total Cache is one of the most popular caching plugins for WordPress. A well-regarded alternative is WP Super Cache, which is often thought of as an easier version of W3 Total Cache. Details Jetpack supercharges your site with a collection of powerful features, such as site stats, email subscriptions, forms, social networking and more. Details

Hardening WordPress Security: 25 Essential Plugins + Tips If you are running a WordPress-powered website, its security should be your primary concern. In most cases, WordPress blogs are compromised because their core files and/or plugin are outdated; outdated files are traceable and it’s an open invitation to hackers. How to keep you blog away from the bad guys for good? For starters, make sure you are always updated with the latest version of WordPress. Full list after jump! Plugins For Better Security WP DB BackupWP DB Backup is an easy to use plugin which lets you backup your core WordPress database tables just by a few clicks. WP Security ScanWith this plugin, scanning your WordPress-powered site will be a simple task. Ask Apache Password ProtectThis plugin doesn’t control WordPress or mess with your database, instead it utilizes fast, tried-and-true built-in security features to add multiple layers of security to your blog. WP-DB ManagerThis is another great plugin which allows you to manage your WP database. 8 Essential Tips [Source]

Protect a Self Hosted WordPress Site from Hackers - VisiHow WordPress is one of the best CMS blogging platforms with many of the largest websites and blogs out there being powered by WordPress. As a result of this, WordPress has become the target of many hackers and over time, many people have complained about their sites getting hacked. I was once a victim of website hacking a few years ago but have since learned how to protect my website from any intrusions. In this article, I will teach you how to protect your vulnerable websites from any unauthorized penetration. How to protect my wordpress blog from hackers? What plugins do you suggest for me to use to protect my site. The first, and most important step to take when trying to recover from a hacked blog, is to locate the time you were hacked, so that you can wipe the site, and reinstall from a secure and untainted back up. In terms of plugins, there are a number listed in this guide that can help you, but you should also focus on overall site security. Howikis QnA.

The Best WordPress Membership Plugin in 2014 Is there a way to know the best WordPress membership plugin? I know it’s crazy to think that you could figure out the best WordPress membership plugin without knowing a specific site’s agenda. It’s why I always tell people that while I can create a map, the route you take is based on your own destination. That said, I have spent the last couple of years working with small, medium and very large engagements on membership projects and I’ve refined the criteria to six core features and two additional dynamics (ease of use, speed to learn). I spoke about the six core features on WP Sessions, and you can still check it out. Understanding the 8 Criteria If you don’t get a chance to see the hour-long presentation I created on WP Sessions, here’s a five minute version of what the criteria is. Comparing the top 8 membership plugins While I have created an infographic, I also put the comparison into a PowerPoint presentation to make it easier for you to take with you. The Infographic The Winner

The Best WordPress Popup Optin Plugins To Help You Gain More Subscribers In April, I spoke at greath length about Why Your Website Needs An Email Newsletter. Email marketing is, without doubt, the most effective form of marketing a business online. Social media is obviously effective too; though there is no substitute to delivering your message directly into someone’s inbox as most people check their inbox every day. One of the most effective ways of increasing sign up rates to your email newsletter is to display a pop up message to visitors. In this article, I would like to share with you some great WordPress plugins that can help you display a pop up banner on your page with your newsletter sign up form. Bloom by Elegant Themes First of all, we would be remiss if we did not mentioned our very own email opt-in plugin Bloom. Not only is Bloom incredible comprehensive, it’s also an absolute pleasure to use. Dreamgrow Scroll Triggered Box (FREE) It offers a huge amount of customization. Cliftons Lightbox (FREE) The layout of the message is fixed. Icegram (FREE)

WordPress Security Class | Learn WordPress with WordPress Training Classes, WordPress Courses and WordPress Support WordPress Security ClassProtect Your Website Before It's Hacked and Black-listed by Google.Backup Your Database and All Your Content, and Install the Best WordPress Firewall Plugin -- Stop Hackers Before It's Too Late! READ MORE> Course Highlights How to protect your website before it's hacked and blacklistedBackup of all your content & database, plus a malware scan during trainingWhat to do if you are hacked - step by step instructionsInstall and configure our Premium WordPress Firewall Plugin Schedule and manage database backups from your dashboardA FREE HD recording of your training class is provided For pricing information, please fill out the form below or call 877-844-9931. Enroll Now - Call 877-844-9931 And Start Training Today! WordPress Security OverviewWordPress Site AssessmentNew Password GenerationBackup Plugin InstallationWordPress Firewall InstallationSecurity Checklist Complete Outline of WordPress Security Class WordPress Security Class