How to handle security on a wordpress site?
Clash Royale CLAN TAG#URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;
up vote
2
down vote
favorite
I'm doing a draft of a WordPress site on localhost.
If I am using PHP snippets to do the sort of back-end functionality. How do I know that, when this goes to a real platform, the php code cannot be tampered with? How can I ensure that login information (password especially) is secure? Should I be doing password validation in the PHP snippets, or is there a more secure way?
customization security
edited Aug 7 at 21:20
Castiblanco
1,67221020
asked Aug 7 at 20:34
ellen
526
add a comment |Â
up vote
2
down vote
favorite
I'm doing a draft of a WordPress site on localhost.
If I am using PHP snippets to do the sort of back-end functionality. How do I know that, when this goes to a real platform, the php code cannot be tampered with? How can I ensure that login information (password especially) is secure? Should I be doing password validation in the PHP snippets, or is there a more secure way?
customization security
edited Aug 7 at 21:20
Castiblanco
1,67221020
asked Aug 7 at 20:34
ellen
526
add a comment |Â
up vote
2
down vote
favorite
up vote
2
down vote
favorite
I'm doing a draft of a WordPress site on localhost.
If I am using PHP snippets to do the sort of back-end functionality. How do I know that, when this goes to a real platform, the php code cannot be tampered with? How can I ensure that login information (password especially) is secure? Should I be doing password validation in the PHP snippets, or is there a more secure way?
customization security
edited Aug 7 at 21:20
Castiblanco
1,67221020
asked Aug 7 at 20:34
ellen
526
I'm doing a draft of a WordPress site on localhost.
If I am using PHP snippets to do the sort of back-end functionality. How do I know that, when this goes to a real platform, the php code cannot be tampered with? How can I ensure that login information (password especially) is secure? Should I be doing password validation in the PHP snippets, or is there a more secure way?
customization security
edited Aug 7 at 21:20
Castiblanco
1,67221020
asked Aug 7 at 20:34
ellen
526
edited Aug 7 at 21:20
Castiblanco
1,67221020
edited Aug 7 at 21:20
Castiblanco
1,67221020
edited Aug 7 at 21:20
Castiblanco
1,67221020
1,67221020
asked Aug 7 at 20:34
ellen
526
asked Aug 7 at 20:34
ellen
526
asked Aug 7 at 20:34
ellen
526
526
add a comment |Â
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
4
down vote
accepted
You cannot be 100% sure you are safe.
Check this Security reading from WordPress.
That been said, there are some things you can do.
- Keeping WordPress Updated
- Keeping theme and plugins Updated
- Use Strong Passwords
- You can use a Security Plugin, although it's arguable. When a client request it I use Sucuri.
- Change the Default “admin†username
- Limit Login Attempts
- Change WordPress Database Prefix
- Use double authentication
All that won't be enough but it will give intruders a hard time trying to get in.
answered Aug 7 at 20:49
Castiblanco
1,67221020
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
4
down vote
accepted
You cannot be 100% sure you are safe.
Check this Security reading from WordPress.
That been said, there are some things you can do.
- Keeping WordPress Updated
- Keeping theme and plugins Updated
- Use Strong Passwords
- You can use a Security Plugin, although it's arguable. When a client request it I use Sucuri.
- Change the Default “admin†username
- Limit Login Attempts
- Change WordPress Database Prefix
- Use double authentication
All that won't be enough but it will give intruders a hard time trying to get in.
answered Aug 7 at 20:49
Castiblanco
1,67221020
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
add a comment |Â
up vote
4
down vote
accepted
You cannot be 100% sure you are safe.
Check this Security reading from WordPress.
That been said, there are some things you can do.
- Keeping WordPress Updated
- Keeping theme and plugins Updated
- Use Strong Passwords
- You can use a Security Plugin, although it's arguable. When a client request it I use Sucuri.
- Change the Default “admin†username
- Limit Login Attempts
- Change WordPress Database Prefix
- Use double authentication
All that won't be enough but it will give intruders a hard time trying to get in.
answered Aug 7 at 20:49
Castiblanco
1,67221020
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
add a comment |Â
up vote
4
down vote
accepted
up vote
4
down vote
accepted
You cannot be 100% sure you are safe.
Check this Security reading from WordPress.
That been said, there are some things you can do.
- Keeping WordPress Updated
- Keeping theme and plugins Updated
- Use Strong Passwords
- You can use a Security Plugin, although it's arguable. When a client request it I use Sucuri.
- Change the Default “admin†username
- Limit Login Attempts
- Change WordPress Database Prefix
- Use double authentication
All that won't be enough but it will give intruders a hard time trying to get in.
answered Aug 7 at 20:49
Castiblanco
1,67221020
You cannot be 100% sure you are safe.
Check this Security reading from WordPress.
That been said, there are some things you can do.
- Keeping WordPress Updated
- Keeping theme and plugins Updated
- Use Strong Passwords
- You can use a Security Plugin, although it's arguable. When a client request it I use Sucuri.
- Change the Default “admin†username
- Limit Login Attempts
- Change WordPress Database Prefix
- Use double authentication
All that won't be enough but it will give intruders a hard time trying to get in.
answered Aug 7 at 20:49
Castiblanco
1,67221020
answered Aug 7 at 20:49
Castiblanco
1,67221020
answered Aug 7 at 20:49
Castiblanco
1,67221020
answered Aug 7 at 20:49
Castiblanco
1,67221020
1,67221020
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
add a comment |Â
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
1
1
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
Thank you for your concise answer! I will definitely being going through all these before the site goes live to give me some peace of mind.
– ellen
Aug 10 at 19:06
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwordpress.stackexchange.com%2fquestions%2f310788%2fhow-to-handle-security-on-a-wordpress-site%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password