wordpress security

Best WordPress Security Plugins To Protect WordPress Blog

July 17, 2012

WordPress is the most preferred blogging platform for many people. It has some of the excellent features like theme and plug-in which enhance the blogger’s experience. This article focuses on the popular security plugins that your WordPress blog website needs to have in order to prevent hacking or spamming activities and improve the security system. One way to protect your blog is by implementing security measures from day one, you can always use .htaccess method to hardened your security, but as ...

Continue Reading →

WangGuard Plugin : Stop WordPress User Registration Spam

February 21, 2012

WordPress user registration spam is one of those problems which I believe most of registration enabled WordPress blogs are facing. If you have a WordPress blog or BuddyPress and your registration is enabled by default, you might notice lots of spam users signing up every day. And if default permission for user level is contributor, you might get lots of posts for review and needless to say most of them will be spam posts. Today, ...

Continue Reading →

9 Steps To Secure WordPress Blog

January 23, 2012

In recent time, WordPress has been highly targeted by bloggers. Since WordPress uses MySQL and Php, it’s not tough to find a vulnerability in WordPress. Here I’m sharing some newbie tips to Secure WordPress blog. These are basic tips but some time missing these basic tips, may lead to losing your WordPress blog by some hacker. WordPress is probably the best CMS out there for blogging. I can quite confidently say that, being a user ...

Continue Reading →

How To Change WordPress Default Username For Security

November 28, 2011

When eve we talk about WordPress Security, very first suggestion is to change WordPress default username. As WordPress default username is ”admin” and it makes it hackers to attempt a brute-force attack using username admin. Since hackers already have your username, it will make it easier for them to find your password using brute forcing. Specially, if your webhosting is not using any login attempt security or you are not using limit-login WordPress plugin, you ...

Continue Reading →

How to Fix Vulnerable Timthumb Script in WordPress?

September 4, 2011

In last couple of days I have seen many websites getting hacked due to vulnerability and we have already discussed about the same in the past. If you are still not aware of timthimb hack and running a WordPress blog, you should refer to these 2 posts: WordPress Sites using Timthuimb Script is prone to hacking How to remove counter-wordpress.com from hacked WordPress blog Usually any blogger/webmaster will look into the theme folder and update ...

Continue Reading →

How I Removed Malware Counter-WordPress.com on my Hacked WordPress blog

September 3, 2011

This is a guest post by Arunii who blogs at arunii. If you would like to write for ShoutMeLoud, check our guest posting guidelines. I have read ShoutMeLoud post on WordPress sites using Timthumb.php is Prone to Hacking couple of days back, and after 2-3 days back I encountered a very strange problem on Chrome browser. When ever I opened my WordPress blog on Chrome browser, it shows following message: “www.abc.com contains content from counter-wordpress.com, a site known to distribute ...

Continue Reading →

WordPress sites using Timthumb.php is Prone to Hacking [Almost Every Themes]

August 25, 2011

Today one of my Client pinged me and told me that he is unable to login to his Wp-admin. His wp-admin was giving some error as mentioned below: “warning: Cannot modify header information – headers already sent by (output started at /home/stony/public_html/wp-settings.php:748) in /home/stony/public_html/wp-includes/pluggable.php on line 868” When I logged into client site via FTP, I see some of the files were modified and some weird php files were added. The first weird code was ...

Continue Reading →

Stop WordPress Spam Registration with Sabre WordPress Plugin

July 31, 2011

These days almost every 1 out of 5 professional blog is offering guest posting and to automate the process most of them allow registration for everyone and one can submit post for review. Though this also created a problem for such blogs as spammers are using automated way to register and submit posts for review. In fact 2 weeks back I had almost 300+ registration in 48 hrs. at ShoutMeloud and almost 70 spam posts ...

Continue Reading →