If you own or run a website that no-one ever visits then you can probably stick your head back in the sand and forget about securing it. For a while anyway. But if the website you control has anyone other than yourself and your mum reading it then you probably want to put some thought into securing it.
For many people a blog is the website of choice right now and WordPress is the blogging platform that the majority of people choose. Fortunately, there are many plugins available to help you keep your WordPress blog secure. One of those is WP – Security Scan from WebsiteDefender:
By installing the WP-Security Scan you arm yourself with several tools that can help make your blog more secure:
The database tool, seen above, makes it easy to backup your blog’s database. It also allows you to change the database prefix from the default to something far less obvious, such as ‘2jsj4_‘ which is much harder for a casual hacker to guess. This reduces the risks of more basic attacks such as a SQL injection attack.
The password tool tells you how strong the password you’ve chosen to login with is. It can also generate a new password for you which is sure to be hard to guess due to its length and complexity.
The scanner will take a look at your key WordPress files and will compare the file permissions that are currently set versus what they should be in order to maximise their effectiveness. Any files highlighted in green are good, a red highlight should draw your attention to the fact that your file permissions may well be wrong.
The admin area gives you a quick summary, as seen in the image below. Again, anything in green is good. I made a couple of temporary changes to get some red into the screenshot so that you can see how causes for concern are brought to your attention.
Whilst I doubt that a plugin such as WP-Security Scan would keep the most determined of hackers out of your blog it is still a useful addition to your WordPress site. It draws your attention to the most obvious weak points in your security and I could well imagine many blogs on the net today offering many such windows of opportunity to the casual hacker. It also acts as a prompt to keep security in mind and theres nothing wrong with that.
You can download WP-Security Scan from WordPress itself and simple installation guidelines are included on that page.