Recently we have seen number of websites being hacked by russian hacker sites redirecting the wordpress url to a russian page. Finding out through our host, it has to do with WordPress and Joomla Installations. They are recommending a few things. #1 Keep your installation up to date. Hackers have been exploiting security holes in out of date installations. #2 Install a few hacker proof plugins to secure and lock down your site. Please see the list below. #3 Submit your site to websitedefender.com as that is a great resource for notifying you of holes in your security.
WordPress Plugins to Secure your Site:
Chap Secure Login: Whenever you try to login into your website, you can use this plugin to trasmit your password encrypted. The encryption process is done by the Chap protocol; this is particularly useful when you can’t use ssl or other kinds of secure protocols. By activating the ChapSecureLogin plugin, the only information transmitted unencrypted is the username; password is hided with a random number (nonce) gene… By Enrico Rossomando (redsend).
WP Security Scan: WP Security Scan checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:
WordPress admin protection/security
Removes WP Generator META tag from core code
WordPress version 3.0 and higher (tested with 3.2.1, 3.3)
PHP5 (tested with PHP Interpreter >= 5.2.9)
For more i… By WebsiteDefender.
WP-DB-Backup: WP-DB-Backup allows you easily to backup your core WordPress database tables. You may also backup other tables in the same database.
By Austin Matzko.
Bulletproof Security: WordPress Website Security Protection: BulletProof Security protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. One-click Website Maintenance Mode (HTTP 503).… By Edward Alexander.