How to Keep Your WordPress Blog Safe & Secure - Part 3
In this chapter on keeping your WordPress blog safe and secure, I'll talk about keeping your sensitive WordPress folders hidden or not easily accessible to hackers. You can also do this by locking your WordPress folders. Without further delay, here are the tips you need to follow to lock them.
Hide Directory Listing: By default, WordPress blogs show the folder structure in the URL, something like http://<sitename>.wordpress.com/MyFolder. When a smart programmer or hacker sees this, he or she can easily guess your folder structure, so you have to hide it. You can hide it by embedding the following code in your index.php page.
Note: If you don't have an index.php, create one, insert the code, and upload it to the /wp-includes folder to keep your folder structure hidden.
Protect your wp-admin Folder: The wp-admin folder is one of the most important folders in your WordPress blog. It holds every detail an admin would want to know. Once a hacker cracks into this folder, he can become the admin of your blog! So protecting this folder is extremely important. The only standard way to protect it is to allow only authenticated users to view or edit that folder.
How do you do it? Just follow the simple steps given below.
Go to the http://www.htaccesstools.com/htpasswd-generator/ site. In the text box provided, enter the credentials of the user to whom you want to give access to the wp-admin folder. The site will provide you with a .htpasswd file.
The generator uses the MD5 hashing algorithm. It is a world-known fact that the MD5 algorithm is almost unbreakable, so you needn't worry about the .htpasswd file getting cracked or hacked.
Copy the .htpasswd and .htaccess files into the wp-admin folder. Please don't overwrite these files if they are already present in your wp-admin folder. Instead, understand what the new .htpasswd and .htaccess files contain, then open the existing files and edit them accordingly. This is a manual process; you have to do it by hand.
Now you are done! This trick gives extra security to your wp-admin folder. It is like a double-pass security system that a hacker has to crack.
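A minimal wp-admin/.htaccess for the steps above, shown as an added example and not the file produced by the generator site. It assumes Apache 2.4 with AllowOverride AuthConfig enabled for the site; the realm name and the AuthUserFile path are placeholders.

```apache
# wp-admin/.htaccess (added example; Apache 2.4 syntax)

# Ask for a second username/password before anything in wp-admin is served.
AuthType Basic
AuthName "Restricted wp-admin"
# Placeholder: must be the absolute filesystem path to the .htpasswd file.
AuthUserFile /path/to/wordpress/wp-admin/.htpasswd
Require valid-user

# Assumption: the .htpasswd entry can also be created locally with Apache's
# own tool, e.g.  htpasswd -c -B .htpasswd <user>  (bcrypt), so the password
# is never typed into a third-party site.

# Never serve the credential or config files themselves.
<FilesMatch "^\.ht">
    Require all denied
</FilesMatch>

# Front-end plugins and themes call admin-ajax.php for visitors who are not
# logged in; leave it reachable so the public site keeps working.
<Files "admin-ajax.php">
    Require all granted
</Files>
```

If wp-admin already contains an .htaccess, merge these directives into it by hand, as the last step describes.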
I hope this tutorial gave you some insight into how to keep your WordPress blog secure. I'll be posting the last installment of this tutorial soon, so stay tuned to Webmaster Tutorials for more updates.