Make WordPress More SecurePosted on August 21, 2011 by LifeHacker in Tech & Gadgets
If you want to keep your WordPress blog safe from intrusion two ways to eliminate basic attacks are to move your wp-config.php file up one directory to a non-public area and to delete the admin user account. Neither of these will stop a determined and skillful malefactor, but like using a bike lock, they will keep the basic thugs out.
Blogging site Problogger suggests that keeping WordPress, your plugins, and your themes updated and using a secure password are the the most effective ways of keeping your site secure.
They also point out that moving the wp-config.php file up one level from ~/home/user/public_html/wp-config.php to ~/home/user/wp-config.php; Keeping the config file in a public places means that sufficiently skilled evildoers can inject…