Managing WordPress Security
Introduction: Managing WordPress Security I was prompted to talk about managing WordPress security a few days back when I got an email from one of my sites saying that someone had been locked out for failing to log in using a user ID that I thought was secret. A lot of the vulnerabilities around WordPress come from the code itself. According wpscan.rog, only 14% from the core code, 11% from themes and a whopping 75% from plugins. One of the threat areas has nothing to do with code at all – it is simple and brute force attacks on guessing admin ID and password. That is the place to start protecting your site. Secure admin ID is the first level...