WordPress.org

Support

Support » How-To and Troubleshooting » Security steps?

Security steps?

  • Hi all,

    I have been able to install just fine, but I was wondering whether there was anything I needed to do after the install to prevent any possible security problems? I looked around but found nothing. Maybe there isn’t anything I need to do? I only ask because other things I’ve installed before you’re required (or it’s suggested) that some files be deleted, etc.

    If there is anything any suggestions would be greatly appreciated.

    Regards,
    Diego

Viewing 4 replies - 1 through 4 (of 4 total)
  • If you’re paranoid you can delete install.php and upgrade.php, though it isn’t strictly necessary to do so.

    If you’re running a web site and you’re NOT paranoid, make sure you keep regular backups of your content and don’t store anything sensitive on your server (of course, the truly paranoid wouldn’t store things on a public facing server that they weren’t willing to see in the wild).

    The general security of WP is perhaps my only complaint. Perhaps I am overly paranoid (chalk that up to learning web administration from Unix mad scientists), but setting any file to be world writeable (e.g. xx6 or xx7) gives me the willies! I’ve ended up just using SSH and SFTP to change templates and styles.

    As far as removing the install and upgrade files, a happy medium might be to rename them on the server. That way they’re available if you need them, but some script kiddie won’t be able to run them with their default names.

    Thanks to all for the replies. Appreciate it.

    Cheers,
    Diego

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Security steps?’ is closed to new replies.
Skip to toolbar