The popularity of the WordPress platform has led to attempts by hackers to exploit WordPress security vulnerabilities. While the instances of hacked WordPress installations which are up-to-date is uncommon, it is important to take preventative security measures.
The most important security precaution we can take is to make sure our WordPress installation is kept up-to-date. The WordPress team works to quickly patch security vulnerabilities. Whenever an update is available, we are notified through the WordPress dashboard. Follow the update process as described later in the chapter to ensure your WordPress installation is updated and secure.
Secure WordPress is a plugin that will automatically make a number of security tweaks to our WordPress installation. To use Secure WordPress, simply install and activate the plugin. The plugin works by automatically removing some of the WordPress security vulnerabilities that could be exploited by hackers, such as the WordPress version number, login page error information, and unnecessary information for non-admin users.
The WP Security Scan plugin, scans our WordPress installation for security vulnerabilities and provides information on how to resolve the issue. Once the WP Security Scan plugin is installed and activated, click on the WSD Security link in the WordPress left sidebar.
The WP-Security Admin tools screen will display a list of potential security vulnerabilities and offer recommended solutions.
