Last night I had a discussion at a forum and I have some friend who was tensed because of his blog getting hacked again and again. Then I wonder some issues that my blog might not be secure in that case, decided to make my blog secure.
Downloaded WordPress Firewall 2 that adds more security to your blog.
This plugin arrange for a layer of security to your site by examining web requests to your blog and blocking the most obvious attacks. It blocks following attacks:
- Directory Traversal
- SQL Injection
- WordPress specific SQL Injection
- Executable File Upload
- Field Truncation
- Remote File Execution
Whenever a mistrusted attack comes to pass on my site, WordPress Firewall 2 will block it and send an email with the details to the admin. In the short time that I’ve been using this plugin I’ve received about 5 emails, 4 of which were the result of me fiddling around with my theme’s function file. The other email was to notify me of a legitimate attack against my site.
I briefly considered white listing my theme’s function file to avoid triggering the firewall plugin when editing the file from the WordPress admin area, but chose not to. I would rather work around this issue than leave the door open to a potential security issue.