 |
 |
 |
|
12.09.09 Adding More Security To Your Wordpress Sites  By
Andy Beard It is no huge secret that I have had this WordPress blog hacked twice this year but some consolation is that I am not alone. Helpful resources Alex recently launched a DVD course on WordPress security that is available for FREE + shipping... Stop - I know what you are thinking - FREE + Shipping these days normally comes with lots of strings attached, forced continuity often hidden etc. Whilst Alex does cross-sell a few related products, the main offer is genuinely free. Michael VanDeMar has a useful plugin to lock down your login process SEO Egg Head offers a WordPress firewall Donna has a useful script for monitoring your files Of course you should also keep backups which you have total control over - this includes both database and files and you shouldn't rely on claims that your webhost has a backup. With a VPS I find being able to "roll back" to a previous version useful, but backup with shared hosting plans supposedly made by admins isn't a solution when you need to fix things in minutes. Keep WordPress up to date, plugins up to date etc Part of security is controlling what bots can crawl and index on your site, so some pamphlets would be useful as well Getting URLs outta Google - the good, the popular, and the definitive way Handling Google's neat X-Robots-Tag - Sending REP header tags with PHP Nasty Bots & Users A lot of security relies on identifying nasty bots, detecting rogue activity such as failed logins or preventing access to all but approved users using an additional layer of password protection, or only allowing access to a server from a specific IP or range of IP addresses. Also it is important to realise that different WordPress implementations require different levels of access control. With WordPress frequently being used for membership sites, you need to allow access to members. This reduces the number of security options available. SEO Benefits Lots of the pages you want to block from being crawled for security purposes also need to somehow be blocked or removed from indexation for SEO purposes, so tightening up security using the right methods will have natural SEO benefits. Robots.txt isn't the best option because you end up with lots of blocked pages appearing in search results and potentially indexed instead of pages you want in the index. As Sebastian explained, you have to let the bots in to crawl a URL before you can redirect them. Not all bots can be identified, and not all bots obey robots.txt, though you can trap the naughty ones. If you are serious about your bot control you might also consider Fantomasters Searchbot Database. Continue reading this article. About the Author: Andy Beard - Niche Marketing - Blog search engine perfomance, Wordpress and general niche and affiliate marketing tips. |
|
| ||||
-- EnterpriseSecurityNews is an iEntry, Inc. publication -- iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509 2009 iEntry, Inc. All Rights Reserved Privacy Policy Legal archives | advertising info | news headlines | free newsletters | comments/feedback | submit article |
