How To Guides Org

Do You Own A WordPress Blog? Try This Free WordPress Security Plugin!

This is a cross-promotion that goes out to all of you who run a hosted WordPress blog. We would like to ask you to try out the free plugin Triagis that is capable of securing WordPress installations with a few clicks

Secure Your WordPress Blog

WordPress has a few flaws, for example it is exposing the version, always uses the username “admin” for the admin account, and the database prefix always begins with a wp_

With our free plugin you can quickly analyze some security vulnerabilities on your blog and fix them with a few clicks

Server Permissions: Learn What CHOWN Is

We also check your server config. Most important are the server permissions, if we find any incorrect permissions we will display it right on the plugin page. This is very handy if you are new to the Linux world and don’t really know what chmod, chown and 777 means. In short, my best advice: Never use the permission 777 and learn what chown does as quickly as possible – it allows you to assign ownership of a file/folder to a user and group (user:group) – if you give your Apache server ownership which often runs under www-data or nobody then he can write files without you having to use the permission 777. This is one of the most common mis-conceptions about the permission system. Permission 777 is NEVER a good idea and can be easily exploited.

We are going to add more instructions how to change the permissions next week

What Else Is This Plugin Doing?

Some of the things the plugin does (and does well):

Location of your wp-config.php
Is mod_security enabled
Is SSL for backend enabled
What information do you expose
Do you currently allow PHP to display errors?
What permission does your wp-config file, folders and other files on the server have – are they secure?
Is your server software up to date (MySQL,PHP,OS)
What database prefix do you use?
What is the username of the admin account

Don’t expect miracles, but if you want to harden your security a little, use this plugin

Free Download From WordPress.org

Download Triagis Security Evaluation (Please share with people who may want to try it)