working….
Hide login error messages
When you are trying to login you WordPress dashboard but fails. WordPress shows that your login details are wrong, its useful info for people who want to hack your site
To remove this message, simply edit your theme's functions.php file which located under your wp-content/themes/* folder and paste the following code:
| add_filter('login_errors',create_function('$a', "return null;")); |
Protecting wp-config.php file using .htaccess
| <files wp-config.php> order allow,deny deny from all </files> |
Protect your WordPress from script injections using .htaccess file
Options +FollowSymLinks |
Protect your images from content thieves
| RewriteEngine On #Replace ?mysite\.com/ with your blog url RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC] RewriteCond %{HTTP_REFERER} !^$ #Replace /images/nohotlink.jpg with your "don't hotlink" image url RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L] |
Protect your WordPress from hackers malicious queries to find a blogs weak spots
Create under wp-content/plugins folder blockbadqueries.php file with the following content
<?php global $user_ID; if($user_ID) { |
Save this file and activate this plugin under your dashboard
Protect WordPress version from viewing
Edit your theme's functions.php file which located under your wp-content/themes/* folder and paste the following code:
| remove_action('wp_head', 'wp_generator'); |
Change WordPress default username
| update wp_users set user_login = 'your new username' where user_login = 'admin'; |
Prevent directory browsing
Add this line to your .htaccess file
Options -Indexes |
source http://wp.smashingmagazine.com/2010/07/01/10-useful-wordpress-security-tweaks/
Similar Posts:
- None Found