I found a way to secure WordPress and close up any holes in it permanently.


Userlevel 1
I would be willing to share how anyone here can do this, for free, providing there is interest.

7 replies

Userlevel 7
@,
 
I'm fairly certain that there would be some interest for that here on the community.
 
Please feel free to share that if you would like!
Userlevel 1
What amazes me most about WordPress is that many hosting sites tell people that they can install WordPress for them onto a hosting account in a few easy steps; However, when it comes to helping out the people who end up purchasing a hosting account and wish to learn more about WordPress, most times they are directed to WordPress.org where it is inevitable that Information Overload will occur and nothing is really learned.
 
Don't get me wrong there is a Ton of information on WordPress.org BUT for a newbie to be able to learn what they wish to, they will have to first learn how to search for what is needed ( this can be a very daunting task ). This is almost impossible to accomplish because at every turn something else interesting pops up and one goes off on a tangent.
 
I spent three years trying to learn everything I needed to know about WordPress on Wordpress.org and wordpress.com and still was going around like a chicken with no head. Some people resort to using Plug-ins. Plug-ins can be free or paid. You need to be careful as some plug-ins are not kept up to date, while others charge you a fee and the small print tells you that it does not work 100% of the time.
 
Arisketmet ( or however it is spelled ) claims that their software/plugin is free for a personal site and when I originally used it, I figured I would give them a donation because it seemed to work well. The following year, they automatically took out my donation from my bank account without my permission. I complained and they turned off my activation key. 
 
They charge $5.00 a month for a blog which translates into $60.00 a year and you learn NOTHING about what they do or how you can firm up your own site. Most people who have a blog, also use WordPress to create mini sites to increase traffic flow and if they knew, what I know now, they could save themselves tons of money and keep their hair on top of their head, instead of pulling it out in frustration.
 
Others will pay a fee for a service to take care of comment spam/hackers and their prices can be steep, one must always read the fine print because just as the plug-in are not always 100%, neither are these services. It isn't bad enough that people have to drop a couple of hundred on the hosting accounts for a 2- 3 year package, it seems as if the vultures can sense dead men/women walking and pounce with ferocity/
 
What the hosting sites never tell the people who have WordPress installed on their hosting accounts is that there are a few steps which should be taken PRIOR to installing WordPress.  They most likely don't tell you this because they admittedly don't know much about the platform. 
 
Hackers Know that most people who install WordPress, never change the prefix on the Database, or change up the default settings that are the exact same for each installation. This is the main reason why Hackers love blogs, as it is all too easy to get access to the database ( especially if they know which build is being used ) and change the passwords thereby locking out the owner. Once this is done, the hacker can have a field day.
 
I have found a step by step, over the shoulder presentation showing the reader not only what to do but why it should be done. I was so impressed with the first book, that I turned around and purchased all four books. I figured that Ariskemt is charging a minimum of $60.00 a year, the price of the four books was a BARGAIN.
 
Once you have installed WordPress onto your hosting site ( without implementing the steps I now know ), it is a little more difficult to incorporate the necessary changes to safegaurd your site/blogs. This is also covered in depth, in a step by step manner which is so easy to follow and understand that my Father who was deathly afraid of the computer for years, was able to perform them.
 
If there is an interest in knowing where to find these books, I will share that info with whomever here wishes to know, for free, no charge as to where to get the books. You'll pay the author for his work. I am POSITIVE you'll enjoy the knowledge and with the more than 100,000,000 word wide users of WordPress, you can make a nice income helping out others.
Userlevel 1
If no one will support the author who created some exceptional books to teach a person how to take control of their own work, by purchasing his book, then they can continue to pay someone else a monthly fee to do a half-assed job at protecting their WordPress site. No skin off my nose, I was just interested in trying to help out here,. If interested message me and I'll be happy to give you the link, its doubtful that you'll find it on your own but feel free to waste your time looking.
I have read what you posted and I agree for the most part with what you stated. However I have some serious trepidation on PM'ing you for this information because I find it rather odd that unless these are bootleg copies, ie warez then I don't see why you can't just post a direct link to them.
 
From what I understand this is an open forum with the free exchange of ideas and helpful advice. Keeping information and only offering it via PM is kinda unfair to the rest of the site members. I also would think that unless it is contrary to the site rules it would help others with similar issues.
 
I also find your comment " If interested message me and I'll be happy to give you the link, its doubtful that you'll find it on your own but feel free to waste your time looking."  a tad on the combative side and can find no reason for it other then other members here may have the same issues I have and believe the information (Links) should be offered here freely without the requirement of PM'ing you. I am wondering if this is because nobody did as you required. And if that is indeed the case then maybe that should be a clear sign that something was amiss.
Userlevel 7
Hi bsodcsi
 
AgamemnonKing is quite apposite in approach.  Community guidelines 'prohibt' the promotion of anything non Webroot-related, as the subject matter here is.
 
It is not a question of fairness or otherwise to other Community members (I, as one, do not feel hard done by in the least) and if there are any who feel deprived then all the have to do is to send a PM.
 
I do not write the guidelines, just support and try to abide by them.
 
Regards, Baldrick
Thanks for the comment. I stand corrected and appologize to the author of this posting. No harm was intended and now that this has been clarified I believe I over reacted and will watch myself going forward before I react.
 
Userlevel 7
Hi bsodcsi
 
Personally I do not feel that you have any need to apologise but in the end it is for AgamemnonKing to decide is he is agrieved or not.
 
My view is you aireed some points of view, which you were entitled too, and raised some questions but at no time where you 'killing the mood'.
 
We do like healthy debate here only that it tends to be a little more focused (on things Webroot, naturally) then in other fora. And yes, sometimes, if I am honest, I do find the Guidelines a little frustrating (especially when having to resort to providing help via PMs) but they are what has made and kept this Community one of the best in the Web.
 
Regards, Baldrick

Reply