May 14 2008
I don’t care if you’re a security blogger or just plain vanilla blogger, you owe it to yourself to check out WP Security Scan. This plugin will scan your WordPress installation and give you suggestions on how to make it more more secure. It found a number of permissions on my blog that had been set incorrectly (now fixed) and gave me other suggestions such as changing the names of the directories from the easily guessed defaults. I know that a lot of people have a hard enough time just keeping their blogs up to date, but given the rash of WordPress compromises I’ve heard of recently, this is something everyone running a WP installation needs to do.
Another plugin in the same vein worth checking out is WordPress Automatic Upgrade. No more waiting for your service provider to get around to the upgrade or mess with all the funky files yourself. The only problem I have with it is re-enabling the plugins after an upgrade, which is a relatively minor issue. I run the plugin occasionally just to get a backup of the blog. See, I do learn from my mistakes occasionally.