Update your WordPress blog’s security

About me: I am an everyday Joe Schmoe that enjoys spending way too much time on the internet. Internet technologies such as XHTML, PHP, CSS, and FLASH are my best friends and hobbies. They are daily learning experiences and I enjoy sharing what I learn with others.

Article by
Zabinsky’s Website

If you have not already, I highly recommend reading “Smashing WordPress -beyond the blog.” The book is a concise, no-nonsense approach to WordPress and beyond. Most of you have probably heard of Smashing magazine. If not, google them and go visit.

The first chapter I read was on my WordPress blog’s security. It gave VERY BASIC, easy to follow instructions on tightening up the security around my WordPress blog. The book also has very nice chapters on widget implementation, plugin design and theme creation.

Back to the matter at hand (security). Seriously, I cannot believe I did not think of this…

1. Go into your WordPress folder.
2. Find the file -> wp-config.php (should be top level)
3. Scroll down to ->
https://api.wordpress.org/secret-key/1.1/ <<---Link followed by four commented out lines (//):
//define('AUTH_KEY', 'put your unique phrase here');
//define('SECURE_AUTH_KEY', 'put your unique phrase here');
//define('LOGGED_IN_KEY', 'put your unique phrase here');
//define('NONCE_KEY', 'put your unique phrase here');

4. Click or copy and paste the above link into the URL of your browser. It will print out something like:
define('AUTH_KEY', 'F[rf ]3ar]M]m{truncated)ELbU!bBAlKZ>-truncated');
define('SECURE_AUTH_KEY', 'F[rf ]3ar]M]m{truncated)ELbU!bBAlKZ>-truncated');
define('LOGGED_IN_KEY', 'F[rf ]3ar]M]m{truncated)ELbU!bBAlKZ>-truncated'');
define('NONCE_KEY', 'F[rf ]3ar]M]m{truncated)ELbU!bBAlKZ>-truncated');

5. Copy and paste this information from the browser and paste it in this same file OVERWRITING #3 above. // denotes a line comment. You will overwrite all four lines making this an active script.

6. Save file and done. Really easy, right? Peeping-Toms begone.

Now you will have to relog into your blog each visit. To be honest, it takes a little longer on authentication, but security is never convenient and this could be my connection or my host tonight. I do see a wee bit of hesitation as the "salts" do their magic but it is WELL WORTH IT.

You like? I will be posting article #2 in the next day or so covering other suggestions regarding security made by "Smashing WordPress -beyond the blog."

Happy Coding! USMCsky

Tags: , , ,

Want Something Else?

Comment and trackbacks closed.

Register!

Flash by Z | The eclectic blogoshpere of Coding, Humor, Design and People


That's it - back to the top of page!

Recent Posts

POPULAR POSTS!