Operating a secure WordPress installation requires work to stay on top of things, after all with WordPress being so popular the security is constantly being tested.
WordPress Security Scan is a Hacker Target tool. It can be used to test the security of your wordpress installation from an external perspective. No plugin installation is required, the systems will do an external passive analysis of your WordPress installation and highlight wordpress security issues, along with recommendations to improve the security of your installation.
WordPress is the most popular web publishing platform. When looking at the Top 1 Million sites it is well ahead of other big players such as the Google owned Blogger and open source frameworks such as Joomla and Drupal. In March of 2011, HackerTarget.com produced a report on the popularity of technologies in the Alexa Top 1 Million Sites.
Tips for securing your WordPress CMS
- Back It Up - Be ready to lose it all at anytime. If you have an up to date backup restoring is much easier
- Keep WordPress System up to date
- Keep all Plugins up to date
- Beware of untrusted Themes
- Rename admin account to a non-generic name
- Use strong passwords ( a dictionary word with a number after it is not a strong password! )
- Keep your password safe! Do not re-use it on other sites.
- Ensure you have up to date AV on your Windows Machine. Malware collects passwords.
- The underlying server must be well managed and in a secure state
- VPS or Dedicated server? Set up server monitoring (ossec.net is a good start)
There are a multitude of guides to securing your WordPress installation, in the mean time why not test your sites security now with our easy to use online scanner.