Blog Tips And Blog Help

Weekend Wordpress Security Tip: Restrict Your Wp-Admin

Aug.23, 2008

Although this security issue may be fixed in newer versions of WordPress, you're truly screwed if your password gets cracked by a hacker. Since WordPress requires only that one password to grant all the administrative privileges on your blog, it is best to limit the /wp-admin/ folder to just yourself, by IP address (see below). How, you might ask? With .htaccess files.

The Fix:

*Note* - If you have a dynamic IP (meaning that your IP changes from time to time), this method will not work for you. You could lock yourself out of your own blog!

1. First, determine your IP address with any free service, such as WhatIsMyIp.com.
2. Second, download the .htaccess file from the /wp-admin/ folder on your blog server (do NOT replace the one in your blog's main directory, only the one in the wp-admin folder) and open it with Notepad++ (a free utility that makes coding and code editing a breeze).
3. Add the following code to the file:
# The Auth* lines point at /dev/null: no password file is used, access is decided by IP only.
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Example Access Control"
AuthType Basic
# No <Limit GET> wrapper: it would restrict only GET requests and leave POST open.
# Apache 2.2 syntax. On Apache 2.4 the equivalent is: Require ip xxx.xx.xx.xxx
order deny,allow
deny from all
allow from xxx.xx.xx.xxx
4. Replace xxx.xx.xx.xxx with the IP address you found on the WhatIsMyIp.com website.
5. Save the file and re-upload it to your server. You should have full access to your blog's admin area, but nobody else will, because they aren't connecting from your IP.

Now you have one less thing to worry about in terms of security, hope you’ve enjoyed this Saturday tutorial!

Credits: http://www.reubenyau.com/

Disclaimer: Brad Blogging is not responsible for, and expressly disclaims all liability for, damages of any kind arising out of use, reference to, or reliance on any information contained within the site. While the information contained within the site is periodically updated, no guarantee is given that the information provided on this website is correct, complete, and up-to-date.


Weekend Wordpress Security Tip: Index.html

Aug.16, 2008

Don’t want people knowing which plugins you have installed on your Wordpress? Don’t want people knowing what version it is? If you haven’t done this fix yet for Wordpress, I can go to http://yourblogurl.com/wp-content/plugins and see everything that you have installed and what version it is.

Not so good for security, is it?

The Fix:

Make a blank file and save it as “index.html” and upload it to your plugins folder. Now the method above will just produce a blank page.

If you're not code savvy - I’ve made one for you that achieves the same thing, and it can be downloaded here. (Right-click and select “Save As”, upload it to your plugins folder, and you're done.)

Have You Been Link Hacked? 4 Step Check To Make Sure You Aren’t.

May.28, 2008

With WordPress quickly becoming the best blogging platform, it only makes sense that there are people living in their mother’s basement creating backdoors and bypasses and trying to hack your blog. Lately, a popular yet equally sneaky hack that a person can do to your WordPress blog is to add invisible links to it, increasing their own search engine rankings and PageRank. Though it may sound harmless, as they aren’t affecting your readers, it is affecting your Google & Blog Relationship.

The point of the post is not how Google Pagerank works (This page may be of some use to readers that are wondering about that), it is about how you could screw yourself in terms of Search Engine Rankings. When you link to random websites that don’t relate to your website, that raises some red flags in the Google Indexer and you could be labeled a “Spam” website/blog. This ultimately lowers your Google Pagerank (they could think the links were paid) and your search return results for keywords that you choose.

With a hacker gaining access to your blog, who's to stop him/her from placing 2000 invisible links to viagra, twinrex, adult, cialis and all of those wonderful spam links that you get Akismet filtering daily? Nothing is the correct answer, and the person will make a couple hundred bucks.

How to figure out if you have been hacked is really quite simple:

  1. First, update your WordPress to 2.5.1 to pick up any bug and security fixes.
  2. Secondly, get Firefox to check the links of your website.

Once you have Firefox running, open up your blog URL and do the following:

Step 1

Open up the “Tools” Menu.

Step 2

Click on “Page Info”

Step 3

The Page Info Menu Shows Many Things About Your Website.

Step 4

Look over the “Links” tab to see if there are any weird URLs. If not, then you haven’t been hacked and have nothing to worry about. Looks good for mine!!

It never hurts to do periodic checks - just to be on the safe side!! ;)
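The Page Info check above can also be scripted. This is an added example, not code from the original post: it parses a page's HTML, lists every off-site link, and flags the ones hidden from readers by inline styles or the `hidden` attribute (external stylesheets are not evaluated). The sample page, the example domains and the `audit_links` helper are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Inline styles commonly used to hide injected links from human readers.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|font-size\s*:\s*0(?![.\d])"
    r"|(?:left|top|text-indent)\s*:\s*-\d{3,}", re.I)
VOID_TAGS = {"br", "img", "hr", "input", "meta", "link"}  # never get an end tag
# Constructed sample page: two visible links plus three hidden spam links.
SAMPLE = """<html><body>
<p><a href="/about/">About</a> <a href="http://wordpress.org/">WordPress</a></p>
<div style="position:absolute; left:-9999px">
  <a href="http://pills.example/cheap">pills</a> <a href="http://casino.example/">casino</a>
</div>
<a href="http://loans.example/" style="display:none">loans</a>
</body></html>"""


class LinkAuditor(HTMLParser):
    """Record every <a href> and whether it sits inside a hidden element."""
    def __init__(self, own_host):
        super().__init__()
        self.own_host = own_host.lower()
        self.stack = []   # (tag, hidden?) for each currently open element
        self.links = []   # (href, is_external, is_hidden)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = "hidden" in attrs or bool(HIDDEN_STYLE.search(attrs.get("style") or ""))
        if tag == "a" and attrs.get("href"):
            # Relative and mailto: links have no hostname and count as the blog's own.
            host = (urlparse(attrs["href"]).hostname or self.own_host).lower()
            external = host != self.own_host and not host.endswith("." + self.own_host)
            inherited = any(h for _, h in self.stack)  # hidden ancestor hides the link too
            self.links.append((attrs["href"], external, hidden or inherited))
        if tag not in VOID_TAGS:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):  # tolerate unclosed tags
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break


def audit_links(html, own_host):
    """Return (external hrefs, external hrefs hidden from readers)."""
    parser = LinkAuditor(own_host)
    parser.feed(html)
    external = [h for h, ext, _ in parser.links if ext]
    return external, [h for h, ext, hid in parser.links if ext and hid]
```

Run `audit_links` on the saved HTML source of your front page with your own hostname; anything in the second list deserves a look in your theme files and database.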
