Wordpress Attack

Websites developed with the help wordpress cms are open for attack nowadays. All the wordpress instances in global servers are being targeted.

Do make sure that the websites are safeguarded and ensure the below steps are taken care on these installations.

> All Plugins should be update and upgraded with later versions.

> Do make sure you have set the admin password as strong enough.

> Check for the proper plugins in wordpress listed here

Few more initiatives to be noted to have secure wordpress

> Disable DROP command for the DB_USER .This is never commonly needed for any purpose in a wordpress setup

> Remove README and license files (important) since this exposes version information

> Move wp-config.php to one directory level up, and change its permission to 400

> Prevent world reading of the htaccess file

> Restrict access to wp-admin only to specific IPs

> Check for secure plugin from Wordpress

> Do check for Hardending wordpress installations