(Part of an ongoing series on protecting your most valuable asset in your online marketing arsenal, your WordPress blog)
In the military, they call it “hardening targets” when they take steps to make it harder for the enemy to attack an asset. Here in the real world, it’s hard to think like that. But not thinking like this could cost you time, money, reputation and frustration.
I know from firsthand experience.
When I started this series, it was in response to the attack my personal hosting account suffered. And because it was my hosting account, and not a single blog, every single one of my sites was hit.
Take my advice and harden your assets now.
The second recommendation in the series is that you go and install WordPress Firewall. This one takes a little more to set up, but guards against a wider range of threats.
This WordPress plugin investigates web requests with simple WordPress-specific heuristics to identify and stop most obvious attacks. There exist a few powerful generic modules that do this, but they're not always installed on web servers, and they are difficult to configure.
It intelligently whitelists and blacklists pathological-looking phrases based on the field of the page request in which they appear (unknown/numeric parameters vs. known post bodies, comment bodies, etc.). Its purpose is not to replace prompt and responsible upgrading, but rather to mitigate 0-day attacks and let bloggers sleep better at night. Its features include:
(More about the Injection Security Filters)
Download: WordPress Firewall plugin here
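To make the field-aware filtering described above concrete, here is an added sketch in PHP. It is not the WordPress Firewall plugin's code: the field lists, the patterns and the `inspect_request` function are assumptions made up for this illustration.

```php
<?php
// Added illustration; not the WordPress Firewall plugin's code.
// Field names and patterns are assumptions chosen for the example.

// Fields expected to carry free-form text (post and comment bodies).
const FREE_TEXT_FIELDS = ['content', 'comment', 'excerpt'];

// Fields that should only ever hold an integer.
const NUMERIC_FIELDS = ['p', 'page_id', 'cat', 'paged'];

// Phrases that look pathological in a short parameter (constructed list).
const SUSPICIOUS_PATTERNS = [
    'sql keyword sequence' => '/\bunion\b.+\bselect\b/i',
    'directory traversal'  => '#\.\./#',
    'script tag'           => '/<\s*script\b/i',
];

// Returns a list of findings; an empty list means the request passes.
function inspect_request(array $params): array
{
    $findings = [];
    foreach ($params as $name => $value) {
        if (!is_string($value)) {
            // Flatten array parameters so the patterns can still be applied.
            $value = (string) json_encode($value, JSON_UNESCAPED_SLASHES);
        }
        if (in_array($name, NUMERIC_FIELDS, true)) {
            // Strict rule: a numeric field holding anything but digits is flagged.
            if (!ctype_digit($value)) {
                $findings[] = "$name: expected digits only";
            }
            continue;
        }
        if (in_array($name, FREE_TEXT_FIELDS, true)) {
            continue; // whitelisted: prose may legitimately contain these phrases
        }
        // Unknown parameter: apply the blacklist.
        foreach (SUSPICIOUS_PATTERNS as $label => $regex) {
            if (preg_match($regex, $value)) {
                $findings[] = "$name: $label";
            }
        }
    }
    return $findings;
}

// Constructed sample requests: a post body that mentions SQL, and a request
// with a malformed numeric field plus an unknown parameter.
$tutorial = ['content' => 'In SQL, UNION lets you combine two SELECT results.'];
$probe    = ['p' => '12 UNION SELECT 1', 'theme' => '../../wp-config'];

var_dump(inspect_request($tutorial));
var_dump(inspect_request($probe));
```

The same phrase is judged differently depending on where it arrives, which is what keeps a filter like this from blocking a legitimate post that happens to discuss SQL or HTML.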