WordPress Security and What’s New in 4.2

Lock up your WordPressWordPress has come under fire in many ways over the last couple months and security has become of paramount importance when dealing with you WordPress website. There are a few things to know about security with WordPress the first of which is insuring that you have adequately provided for the security of your site by doing the following.

  1. Prevention
  2. Cure
  3. More Prevention

 

The steps to security

Prevention:

The biggest thing you can do to insure you do not get hacked is prevention and the following will help along that path. While prevention may seem daunting given today’s climate, it can mostly be accomplished by doing some basics to your website.

  1. Insure you keep everything up to date this includes your plugins, and WordPress core files.
  2. Choosing the right hosting provider
  3. Using a website firewall such as Wordfence
  4. Having security plugins for monitoring
    1. WP File monitor plus
  5. Backups

Cure

  1. So you have been hacked now what?
  2. Your best and easiest repair is to restore from a backup. You should have at the minimum 3 daily backups and 2 weekly backups preferably 5 daily 2 weekly and 1 monthly
  3. Failing having backups you will need to start repairs on the site and you can start with these sites to see what might be infected.
    1. https://www.stopbadware.org/hacked-sites-resources
    2. http://aw-snap.info/file-viewer/
    3. https://sitecheck.sucuri.net/
    4. http://virusscan.jotti.org/en
    5. http://www.urlvoid.com/
  4. Then the only thing left is time as it can take a while to find all the hack files and any back doors they might have installed on your site.
  5. After which you will want to install the following plugin https://wordpress.org/plugins/wordpress-file-monitor-plus/ while it has not been updated in a while it still does an incredible job of monitoring your site.
  6. Articles that will help you fix it
    1. http://geekfairy.co.uk/what-to-do-when-your-wordpress-site-gets-hacked/
    2. http://aw-snap.info/

More Prevention

  1. More prevention for your site is or may be necessary install the following plugins
    1. https://wordpress.org/plugins/security-guard/
  2. Use .htaccess to secure up site
    1. http://www.thesitewizard.com/apache/block-bots-with-htaccess.shtml
    2. http://www.allthingsdemocrat.com/htaccess-security-and-the-largest-block-bots-list-on-the-web/
  3. Some Optimization tips:
    1. http://www.labnol.org/internet/wordpress-optimization-guide/3931/
    2. http://www.labnol.org/internet/improve-wordpress-security/24639/

What’s new in WordPress 4.2.2

  1. Press this
  2. Live Theme Preview
  3. New character support change from utf8 to utf8mb4 which also bring a new set of issues if you use multi site first install with 4.2.2 and some people have issues with added java script slowing down site there are ways to disable if you do not need additional char support or emojis
  4. Faster plugin updates with ajax
  5. More auto embeds including tumble, kickstarter now as well as youtube and twitter and more oembeds coming
  6. Better screen reader access for java generated errors
  7. http://ultimatesoftwarereview.blogspot.ca/2015/05/wordpress-again-brings-security-release.html

Some things removed:

  1. Title and Nofollow For Links — Put it back with
    The plugin adds a title and a rel=”nofollow” checkbox to the insert link popup box
    Rating: 4 out of 5
4 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *