Ja, warum nicht. Gerne informieren wir Sie auch über die erforderlichen Massnahmen auch Ihre WP Applikation abzusichern. thanks for your support. As we are about to create a mayor advertisement platform based on WP, of course we need to have it as secure as possible. To prevent any poss. voulnerabilities for the future, we implemented following security measurements. First we targeted : Removing error-information on login-page Adding index.php plugin-directory (virtual) Removing the wp-version, except in admin-area Removing Really Simple Discovery Removing Windows Live Writer Removing core update information for non-admins Removing plugin-update information for non-admins Removing theme-update information for non-admins (only WP 2.8 and higher) Hiding wp-version in backend-dashboard for non-admins Removing version on URLs from scripts and stylesheets only on frontend Blocking any bad queries that could be harmful to our WordPress website Using "Secure Wordpress" plugin. Next following plugins were implemented: WordPress File Monitor Plus Limit Login Attempts Stop Spammer Registrations Spam Free WordPress Ban Hammer then adding: RewriteEngine on RewriteCond %{REQUEST_METHOD} =POST RewriteCond %{HTTP_REFERER} !^(.*)?.yourdomain [NC] RewriteCond %{REQUEST_URI} ^/wp-login.php(.*)$ [OR] RewriteCond %{REQUEST_URI} ^/wp-admin$ RewriteRule ^(.*)$ - [R=403,L] to .htacces, would that do the trick, to have our domain call-girls-online possibly excluded from any fruther upcoming global wp_admin.php disblings by the servers admin crews on our own responsibility.? We know thats not so easy, but as long as there are any error pages or 127 pages coming up, we do not feel completely comfortable, also not with SSL. # Thank you for checking on this. Regards Thomas Thomas Marco Kampling
Posted on: Wed, 21 Aug 2013 16:54:34 +0000
Trending Topics
Recently Viewed Topics
© 2015