WordPress.org

Forums

Security steps? (5 posts)

  1. drylight
    Member
    Posted 10 years ago #

    Hi all,

    I have been able to install just fine, but I was wondering whether there was anything I needed to do after the install to prevent any possible security problems? I looked around but found nothing. Maybe there isn't anything I need to do? I only ask because other things I've installed before you're required (or it's suggested) that some files be deleted, etc.

    If there is anything any suggestions would be greatly appreciated.

    Regards,
    Diego

  2. skippy
    Member
    Posted 10 years ago #

    If you're paranoid you can delete install.php and upgrade.php, though it isn't strictly necessary to do so.

  3. Tortured_Artist
    Member
    Posted 10 years ago #

    If you're running a web site and you're NOT paranoid, make sure you keep regular backups of your content and don't store anything sensitive on your server (of course, the truly paranoid wouldn't store things on a public facing server that they weren't willing to see in the wild).

    The general security of WP is perhaps my only complaint. Perhaps I am overly paranoid (chalk that up to learning web administration from Unix mad scientists), but setting any file to be world writeable (e.g. xx6 or xx7) gives me the willies! I've ended up just using SSH and SFTP to change templates and styles.

    As far as removing the install and upgrade files, a happy medium might be to rename them on the server. That way they're available if you need them, but some script kiddie won't be able to run them with their default names.

  4. orangeguru
    Member
    Posted 10 years ago #

  5. drylight
    Member
    Posted 10 years ago #

    Thanks to all for the replies. Appreciate it.

    Cheers,
    Diego

Topic Closed

This topic has been closed to new replies.

About this Topic