Wait a minute…We’ve already talked about one plug against burglary and now you’re going to tell me that there’s another? Yes, you’re totally right. iThemes Security is a plug which helps protect a page based on WordPress. In what way?It shows us changes we should introduce and defines them as Low, Medium and High Priority.
This section contains elements which are not that important as others but, of course, it’s very important to remember about them. The following tips provide guidance on what to look for when using the website. First of all, you definitely should run a blocking suspicious hosts module which can also block specific IP adresses. All you have to do is, go to the Settings option and enter the section Banned Users.
What you should block is definietely:
- HTTP request methods you are not using
- display non-English characters in URLs
- the ability to edit code, plugins and WordPress theme with the panel
- display information about the incorrect log-in
What you should delete is definitely:
- right to subscribe for config.php and .htaccess files
- RSD header
- displaying information about your version of WordPress from all the places where it is displayed
Some advice plugs, marked as a medium important may read as follows just like these belows.
What you should block:
- suspicious looking URL parameters
- XMLRPC functions
- execution of PHP code in files in the folder Upload. You’ll minimize the risk of infection through various scripts
- Public display of author’s profile if the number of its entries is 0
What you should change or turn on:
- Change the URL of the cockpit WordPress which will protect you from Brute Force attacks
- Reduce the amount of comments by blocking those from vending machines and bots to link
- Turn on detecting changes in files
- turn on the detection of users who repeatedly displays error page 404
This section in iThemes Security plug is very important and contains very useful tips which help to protect your website in a very high level. These tips may look like these below.
What you should require:
- strong passwords for all types of users
- all users unique names
What you should do:
- Allow scan for malware. You will be required to register to obtain the key.
- Schedule an automatic backup of the database
- Activate the built-in iThemes Security module Brute Force Protection
To sum up
Well, if your website is based on WordPress, this plugin is your ‘must have’ and that’s a fact. Not only because of helpful and useful tips but also because of the iThemes Security’s Dashboard. It gives us an informations about current user, files system, database and WP configurations.