|
Wordpress 2.2.2 dan tingkatkan sekuriti blog |
|
|
|
|
Written by code7
|
|
Tuesday, 21 August 2007 |
Nampaknya Wordpress 2.2.2 sudah released dan anda tak perlu susah² nak install dari awal jika penah guna WP sebelum ini, just tukar ganti files yang baru dan anda dah dpt WP versi baru. Boleh download versi changed files here (.zip). Ia boleh digunakan untuk upgrade dari WP 2.2.1. Upgrade kepada versi terbaru lebih bermanfat kerana ia dapat menyelamatkan web blog anda dari kene sql injection jika tidak ditampal hole yang ada pada versi lama.
Jika anda seorang yang meminati WP pastikan anda praktikkan tips utk meningkatkan security di blog anda : - Buang version string di header.php
The tag in your header.php that displays your current version of wordpress.
<meta name="generator" content="WordPress <?php bloginfo('version'); ?>" />
Since everyone knows your wordpress version this way, your blog is prone to hackers if you have not upgraded to the new version.
Hide your wordpress version by deleting it or simply changing it to
<meta name="generator" content="WordPress" />
- Letak page kosong index.html di dalam folder WP seperti /plugins/ directory.
In a normal wordpress installation, anyone can access your Wordpress plugin folder to see which plugins you have installed. The path is
http://www.yourdomain.com/wp-content/plugins/
Try it for your blog and your entire directory structure is revealed. Just create a blank file in notepad and name it index.html and drop it in your plugins folder and the folder details will no longer be visible to the public and prevent hackers from cracking a plugin security hole.
- Letak file .htaccess di /wp-admin/
Anda boleh set block ip kat file ni terutamanya hacker² dari US. Jika nak dapatkan info lanjut ttg .htaccess block ip leh ushar sini.
 Add as favourites (76) |  Quote this article on your site | Views: 914
Only registered users can write comments.
Please login or register.
|
|
Last Updated ( Tuesday, 21 August 2007 )
|
Artikel 
20 Cara Jimat Duit
Comment this article
