- Security – Backing-Up Your Site
- Security – Locking Down Your Site
- Security – Proper WordPress Installation
- Security – Prevent Directory Browsing
Hide WordPress Version in the Header Tag
Although you have deleted the WordPress version meta data from your theme, you may still get WordPress version line in the page returned by the blog software. The culprit is, since version 2.5 WordPress has added the feature to generate this code.
Add the following line to the functions.php file in your theme directory: (Create a blank PHP file with this name if your theme doesn’t already have one)
<?php remove_action('wp_head', 'wp_generator'); ?>
It is important to note that even with all of those above implemented, there is no guarantee that your blog will be safe. Just that you decrease the chance tremendously and discourage those crackers from targeting your blog.
New exploits are discovered every so often and when a fix has not been made available yet, everyone is at risk. However, by implementing all or some of the tips above, at the very least it should give you peace of mind that you are not leaving your house unlocked.
I recommend the plugin Better WP Security which is easy to use and configure, and does many of the security functions for you.