¥akuza112 Posted March 14, 2012 Share Posted March 14, 2012 (edited) 1. Download wordpress and upload it to your FTP ( FileZilla ) Englisch ( This is the hidden content, please Sign In or Sign Up ) 2. Configure your wp-config.php Firstly, you have to fill in the database information like : This is the hidden content, please Sign In or Sign Up It woud be good if you’ll use another prefix then the standard “wp_”, so use somethink like that: This is the hidden content, please Sign In or Sign Up Disallow File Edit ( will disallow file editing via wp-admin, but some designs like for example mystique needs that option, so activate it after you have setting up your design options ) This is the hidden content, please Sign In or Sign Up Please let the Debug Function disabled ( false ) for security reasons, enable it only if you have problems and wants to see the errors. This is the hidden content, please Sign In or Sign Up Generate a security key @ This is the hidden content, please Sign In or Sign Up and add this in your file It could be look like : This is the hidden content, please Sign In or Sign Up 3. Install WordPress When you install wordpress, please do not use “admin” as account. You can change your display name every time (wp-admin/profile.php). A secure password is really important, i would use this generator This is the hidden content, please Sign In or Sign Up Could be look like this one : sN@KMqhKxlWV2oqubl]Esö0&8uYq@!vbgI!QDHJFpj5yb@>Z 4. Configure folder/file rights The config.php should have 440 or 400 at its best, if these settings do not work, use 644. This is the hidden content, please Sign In or Sign Up 4. Install plugins Anti-Vorratsdatenspeicherung 2.0 ( saves the ip’s as MD5 hash ) so its better to use version 1, Ips will be saved as 127.0.0.1 , User-Agents and Emails won’t be saved. This is the hidden content, please Sign In or Sign Up Emails and user agent will be saved / IP’s will be saved as 127.0.0.1 AntiSpam Bee Alternative to Askimet, to block spam in comments, pingbacks. Jetpack WordPress Statistics and more, you need a wordpress.com account to use it. block-bad-queries/ protect wordPress against malicious url requests WordPress File Monitor This is the hidden content, please Sign In or Sign Up WordPress Firewall 2 This is the hidden content, please Sign In or Sign Up Secure WordPress by WebsiteDefender This is the hidden content, please Sign In or Sign Up Informations to the last 3 Plugins : This is the hidden content, please Sign In or Sign Up ( only german ) 4.1 Error, FTP Login data required @ plugin installation ?! Here are 2 options 1. The unsecure, edit your wp-config like : This is the hidden content, please Sign In or Sign Up 2. The secure, fill in your ftp login data and save the password in your browser. This is the hidden content, please Sign In or Sign Up 5. Keep wordpress and plugins up to date Check regulary if there are new WordPress and or Plugin Updates (/wp-admin/update-core.php) If you want to be informed, use : This is the hidden content, please Sign In or Sign Up 6. Remove the WordPress version / ( Error Messages ) Search in the theme folder the file functions.php and add these lines : Remove the WP version : This is the hidden content, please Sign In or Sign Up Remove the WP – Login / Error Messages : This is the hidden content, please Sign In or Sign Up 7. Delete unsecure files readme.html /wp-admin/install.php 8. Add some index.php files ( or index.html ) At the end you should add the index file (just create an empty file) in “unsecure” folders like “uploads“, “themes“. 9. Add an .htaccess File in your Webroot ( puplic_html/.htaccess, for example ) This is the hidden content, please Sign In or Sign Up ;) © 2008 – 2012 ¥akuza112 Inc. This is the hidden content, please Sign In or Sign Up Edited August 3, 2012 by ¥akuza112 Link to comment Share on other sites More sharing options...
¥akuza112 Posted August 3, 2012 Author Share Posted August 3, 2012 Re: Install and secure wordpress ## Updated :: fixxed invalid htaccess btw if there is an error_log file .. make permissions to CHMOD 222 ;-) Link to comment Share on other sites More sharing options...
Recommended Posts