Hi,
A few days ago, a couple of my WordPress installations were hacked and had the index.php replaced with some blank URLs.
I thought that this could be a WordPress-related issue, and re-installed WordPress. However, later one of the non-WordPress websites also got hacked, and I deduced it could be an issue on my system, where some virus/trojan was able to access the FTP information stored in the FTP software I use (FileZilla).
Then another WordPress installation got hacked, which put me on a searching spree to identify the steps/solutions on how to secure the WordPress installations.
After going through hundreds of pages and forum links, I am still undecided on what all needs to be done.
A few links I have accessed to get the relevant information:
- http://codex.wordpress.org/Hardening_WordPress
- http://codex.wordpress.org/FAQ_My_site_was_hacked
- http://www.dailyblogtips.com/5-plugins-to-keep-wordpress-secure/
- http://net.tutsplus.com/tutorials/wordpress/20-steps-to-a-flexible-and-secure-wordpress-installation/
- http://www.aoclarkejr.com/tips-secure-wordpress-site.html
- http://perishablepress.com/press/2009/12/22/protect-wordpress-against-malicious-url-requests/
- http://www.askapache.com/htaccess/htaccess.html
- http://maketecheasier.com/11-ways-to-secure-your-wordpress-blog/2008/08/12
- http://www.simplehelp.net/2007/09/10/9-ways-to-secure-your-wordpress-blog/
- http://perishablepress.com/press/2009/03/16/the-perishable-press-4g-blacklist/
Some other plugins:
- http://wordpress.org/extend/plugins/wordpress-file-monitor/
- http://wordpress.org/extend/plugins/secure-wordpress/
So, I would really appreciate it if all or any of you could give your tips on how you are securing your WordPress installations.
As I am about to redo another WordPress install because of these hackings, I will document all the tools/steps I have used, and the results they produced and the conflicts they created.
I would really appreciate your feedback and replies on these.
Thanks in advance.