Support » Fixing WordPress » WordPress security and firesheep

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator James Huff

    (@macmanx) is vulnerable if you don’t use https – it gets an F!

    Actually, on, just visit Users/Personal Settings in your Dashboard and check “Always use HTTPS when visiting administration pages.”

    Technically, anything that doesn’t run over HTTPS or doesn’t provide an HTTPS option “gets an F,” because that’s how Firesheep works.

    Are self host wordpress blogs vulnerable too if you dont install a ssl certificate and use https?

    Yes, you need to use a secure connection over HTTPS to protect yourself from Firesheep. Follow this guide:

    also, let’s be clear – you have to be using an unsecured wireless network

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘WordPress security and firesheep’ is closed to new replies.