Curious what methods/services/plugins people use to secure their WP sites. Aside from keeping the site updated to the most current version of WP. Here are some things I’ve currently got going on.
- Change default table prefix
- Don’t use ‘admin’ as default administrator username
- Limit Login Attempts
- Lockdown WP Admin
- Simple Trackback Validation with Topsy Blocker along with a popular comment blacklist in settings
- or if commenting system isn’t needed Disable Comments
- Disallow FTP
- WP DB Manager to automate DB backups
anyone use wordfence? anti-malware and brute-force security by eli? sucuri?
Interested in what other people have going on.