What security concerns should I have when setting FS_METHOD to “direct” in wp-config?
I have recently had an issue where I have been unable to install the WP Smush Pro plugin because I don’t have the … Read more
security
Encrypt Password in Configuration Files?
A simple way of doing this is to use Password Based Encryption in Java. This allows you to encrypt and decrypt a text … Read more
Can I rename the wp-admin folder?
Is it possible to rename the wp-admin folder? I know I could just rename it, but unless it’s supported by the code lots … Read more
How to Protect Uploads, if User is not Logged In?
I use WordPress for a private site where users upload files. I use the “Private WordPress” to prevent access in to the site … Read more
Verifying that I have fully removed a WordPress hack?
My for-fun WordPress blog at http://fakeplasticrock.com (running WordPress 3.1.1) got hacked — it was showing an <iframe> on every page like so: <iframe … Read more
Hide the fact a site is using WordPress?
I have a website for which we are trying to be discreet about the fact that we are using WordPress. What steps can … Read more
Is moving wp-config outside the web root really beneficial?
One of the most common security best practices these days seems to be moving wp-config.php one directory higher than the vhost’s document root. … Read more