WordPress and Joomla: How to Prevent Security Hacks

Recently we have seen number of websites being hacked by russian hacker sites redirecting the wordpress url to a russian page. Finding out through our host, it has to do with WordPress and Joomla Installations.  They are recommending a few things:

#1 Keep your installation up to date.  Hackers have been exploiting security holes in out of date installations.  #2 Install a few hacker proof plugins to secure and lock down your site.  Please see the list below.  #3 Submit your site to websitedefender.com as that is a great resource for notifying you of holes in your security.

WordPress Plugins to Secure your Site

Chap Secure Login: Whenever you try to login into your website, you can use this plugin to transmit your password encrypted. The encryption process is done by the Chap protocol; this is particularly useful when you can’t use ssl or other kinds of secure protocols. By activating the ChapSecureLogin plugin, the only information transmitted unencrypted is the username; password is hided with a random number (nonce) gene… By Enrico Rossomando (redsend).

WP Security Scan:  WP Security Scan checks your WordPress website/blog for security vulnerabilities and suggests corrective actions such as:

  • Passwords
  • File permissions
  • Database security
  • Version hiding
  • WordPress admin protection/security
  • Removes WP Generator META tag from core code
  • Requirements
  • WordPress version 3.0 and higher (tested with 3.2.1, 3.3)
  • PHP5 (tested with PHP Interpreter >= 5.2.9)
  • For more i… By WebsiteDefender.
WP-DB-Backup:  WP-DB-Backup allows you easily to backup your core WordPress database tables. You may also backup other tables in the same database. By Austin Matzko.

Bulletproof Security:  WordPress Website Security Protection: BulletProof Security protects your WordPress website against XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. One-click .htaccess WordPress security protection. Protects wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html with .htaccess security protection. One-click Website Maintenance Mode (HTTP 503).… By Edward Alexander.