Securing WordPress

If you host your own WordPress blog and not use a blogging site like WordPress.com it is important you secure your installation.

On blogsecurity.net there’s an article on how to secure WordPress. It’s very well documented but I ran into one difference. They say:

Now you need to replace two other values in this table: wp_usermeta.
The values wp_autosave_draft_ids and wp_user_level for the field meta_key need to be changed to
the new prefix: 4i32a_autosave_draft_ids and 4i32a_user_level.

It should read

Now you need to replace three other values in this table: wp_usermeta.
The values wp_capabilities, wp_autosave_draft_ids and wp_user_level for the field meta_key need to be changed to
the new prefix: 4132a_capabilities, 4i32a_autosave_draft_ids and 4i32a_user_level.

You shouldn’t use the administrator account to post on your blog but if you choose to do so make sure the display name doesn’t show your login name.

This article is filed under the category WordPress and has the following tags associated with it: , , .
download