WordPress installation common mistakes

WordPress security

So, you have a WordPress site, and now someone has told you that WordPress is not secure.

Well, is it?

With WordPress powering one fifth of the modern web, it is logical to assume that sites created on the platform are under attack by hackers.

While the core platform is constantly audited for security, it’s easy to make mistakes in your own WordPress installation that could lead to serious vulnerabilities.

As Daniel Kanchev demonstrated in his talk at WordCamp Porto 2013, it is easy to hack a WordPress site if you made mistakes during the installation.

So, see for yourself if you made some mistakes with your site by reading our WordPress Security Checklist:

  1. Are automatic updates turned on?
  2. Do you have strong passwords?
  3. Is your login form HTTPS only?
  4. Do you have an account named admin? Have you already deleted your ‘admin’ account?
  5. Have you given correct permission to the folders in your WordPress installation?
  6. Have you given correct permission to the files in your WordPress installation?
  7. In case of having multiple WordPress sites, do you use separate databases?
  8. Is your database not using the default wp_ table prefix?
  9. Does your database user have the minimum necessary set of permissions?
  10. Is your wp-config.php file protected?
  11. Is your wp-includes folder protected?
  12. Is your .htaccess file secured?

Have you answered ‘YES’ to all questions? Great job. You have installed WordPress with precaution, and your site is in good hands.

Have you answered ‘No’ to one or more questions? Well, you should fix your site right now.

Don’t know how? We will help you. Just tweet us at @kaksimedia with the message: “Help me, #WordPress installation mistake X, Y, Z” where you can detail all the mistakes you made.

Yes, we will help you 😉
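Checklist items 5, 6, 8 and 10 can be checked directly on the server. The script below is an added example, not part of the original talk or post: `audit_wordpress` and `build_sample_site` are hypothetical names, and it assumes that "correct permission" means no world-writable files or folders and that a "protected" `wp-config.php` is one that other system users cannot read or write.

```python
import os
import re
import stat
import tempfile

# Matches the prefix assignment in wp-config.php, e.g. $table_prefix = 'wp_';
PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*['"]([^'"]*)['"]\s*;""", re.M)

def audit_wordpress(root):
    """Return sorted (check, relative_path) findings for a WordPress tree."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not meaningful
            if mode & stat.S_IWOTH:  # items 5 and 6: writable by any local user
                kind = "world-writable-dir" if stat.S_ISDIR(mode) else "world-writable-file"
                findings.append((kind, os.path.relpath(path, root)))
    config = os.path.join(root, "wp-config.php")
    if os.path.isfile(config):
        # Assumption (item 10): "protected" means no access for "other" users.
        if os.stat(config).st_mode & (stat.S_IROTH | stat.S_IWOTH):
            findings.append(("wp-config-other-access", "wp-config.php"))
        with open(config, encoding="utf-8", errors="replace") as fh:
            match = PREFIX_RE.search(fh.read())
        if match and match.group(1) == "wp_":  # item 8: default table prefix
            findings.append(("default-table-prefix", "wp-config.php"))
    return sorted(findings)

def build_sample_site(root):
    """Constructed sample tree with three deliberate mistakes, for demonstration."""
    os.makedirs(os.path.join(root, "wp-content", "uploads"))
    for name, body in (("wp-config.php", "<?php\n$table_prefix = 'wp_';\n"), ("index.php", "<?php\n")):
        with open(os.path.join(root, name), "w") as fh:
            fh.write(body)
        os.chmod(os.path.join(root, name), 0o644)
    os.chmod(os.path.join(root, "wp-content"), 0o755)
    os.chmod(os.path.join(root, "wp-content", "uploads"), 0o777)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as site:
        build_sample_site(site)
        for check, path in audit_wordpress(site):
            print(f"{check}: {path}")
```

Point `audit_wordpress` at a real document root to get the same list of findings; an empty list means these four checks passed under the stated assumptions.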

Pedro Fonseca


passionate about the internet. social media lover and wordpress geek.
