5 Plugin penting untuk mengamankan Wordpress

Tips dan beberapa plugin yang mungkin berguna bagi wordpress kita...

1.One of the most important security issue with wordpress is to protect wp-admin folder, So always password protect it for prevention from Hack Attack.

2. After installing wordpress always change your Mysql databse prefix from wp_ to something else, to avoid SQL injection attacks.

3. Upload blank index.php files in your wp-content/theme and wp-content/plugins to avoid getting hacked from Iframe attacks.

4. Limit Login Attempts : This plugin blocks a user for 20 minutes after he enters wrong password 4 times (default values, can be changed). It is good way to avoid Brute Force attack .

HTML:

http://wordpress.org/extend/plugins/limit-login-attempts

5. Sabre :If you own a WordPress powered blog where users can register freely and see a lot of fake registrations, this plugin can stop fake user registration by bots. It can add image verification or math test to registration process among other measures to make sure fake users are not created.

HTML:

http://wordpress.org/extend/plugins/sabre

6. Semisecure Login : This plugin increases the security of login process by using a public key to encrypt the password on client side. The server side then decrypts the password using the private key. Requires Javascript and PHP.

HTML:

http://wordpress.org/extend/plugins/semisecure-login-reimagined

7. Bad Behavior : It checks the visitor’s IP against Project Honey Pot Database to see if it’s a spammer’s. If malicious, it can block that IP from accessing your blog.

HTML:

http://wordpress.org/extend/plugins/bad-behavior

8. Secure WordPress : This plugin keeps your WordPress installation secure with the help of little functions. It hides information regarding your WordPress version from non-administrators and plugin directory from visitors by dropping a blank index.php file.

HTML:

http://wordpress.org/extend/plugins/secure-wordpress

All of these are Wordpress 2.7 compatible.

Sumber dari

HTML:

http://www.dailyblogtips.com/5-plugins-to-keep-wordpress-secure

Ini juga bisa, langsung saja ke TKP

HTML:

http://www.dailyblogtips.com/3-must-apply-security-tips-for-wordpress

NB:Mas moderator kalau doble post mhn di hapus,..

Semoga bermanfaat..
Aku sendiri juga mau coba.. biar aman Insya Allah

 

Makasih mas buat sharing nya

 

wedew banyak juga..
yang nomer 1 bukannya otomatis ada login formnya?
kalo ga ngerti urusan mysql mending nomer 2 diskip deh daripada hilang databasenya
nomer 3 baru tahu ini yang namanya iframe attack, emank hacker bisa upload ke hosting kita? perasaan tuh kalo login kita dibobol kali?
thanks infonya

 

cara nomor 3 juga bisa diakali dengan merubah file permisinya ke 444

 

Betul juga nih, baru ingat..

 

@all
setelah install di fantastisco secara otomatis...
ternyata file install.php masih ada di folder wp-admin/install.php apakah perlu didelete ? kira2 masih ada kena iseng para hacker gak ya ?

wp 2.8 katanya masih lom support... (wp 2.8 apa banyak bugnya ya ?..)

HTML:

http://wordpress.org/support/topic/278763

aku lom ngeh bhs inggris, master yang mumpuni dlm bhs inggris dung..