WordPress is one of the most famous blogging platform. With the popularity of internet nowadays, many people likes to setup blogs either for personal or business. If you are running internet business with WordPress and concern on blog security, this post will give you simple steps to enhance your website’s security.
Do you aware that there is a Key section in WordPress’s wp-config.php file? The default settings are:
define(‘AUTH_KEY’, ‘put your unique phrase here’);
// Change this to a unique phrase.
define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’);
// Change this to a unique phrase.
define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’);
// Change this to a unique phrase.
The keys in this section are used to hash WordPress’s cookies values. In short, this is to prevent unauthorized access to our login information via cookies. To make your blog more secure, you need to use complicated phrase to make it harder to decipher.
You dont have to crack your head to think of the complicated phrase. There is a generator at: http://api.wordpress.org/secret-key/1.1/. Follow the link and you’ll get content as following, generated randomly:
define(’AUTH_KEY’,'KeX9*{<8uAW;dVy7MoJ&tCUXoz1(9Rcc|Y|-88LU|xrIm5HDf /~&hpuj)xG}DSi’);
define(’SECURE_AUTH_KEY’, ‘PN4`+=R+s.T^nC^B_3EkKHpUxM-J$yu==2p NC4z@FQ|g_@Z*vi63o,4Qy,:0ze|’);
define(’LOGGED_IN_KEY’,'LF~sQ+Q7)x-^?WDUuqiMn~N._{&F/(DpRE;Xz1ww-ajv|=zQ)xt[nz^cq{,C|`UI’)
define(’NONCE_KEY’,'r.&P~|BWz?RY-b:T<-`K5pbyni<~U8%r-%HL_ODc!W?nx!csC`af|pl+8+6%e<!o’);
Copy and paste the code from your browser to wp-config.php Key section. That’s all you need to do.
If you are serious about your blog security and internet business, or as a webmaster, you should do this. After all it takes less than 5 minutes to prevent your website from been hacked.