Brad Williams made available a great slide presentation at Wordpress WordCamp 2009 in NYC. It is called WordPress Security, and it’s really complete explaining about certain spam techniques or hacking tips on Wordpress. Of course, those are things that can be avoided and he tells us how.

Not only that, but he provides with different plugins that we can use to test and check our WordPress site security. Those are:

  • WP Security Scan: to check for certain aspects of our configuration and make one-click changes in order to make them more secure.
  • Exploit Scanner: a way to search in all our files and database data for suspicious pieces of code, often used by hackers or spammers.
  • Wordpress file monitor: automatic checking for all files in our WordPress installation. Will send out an email when a change is detected, so we can easily detect weird activity in our WordPress site.
  • Login Lockdown: Allows for only a certain number of attempts to login. If all those are failed, it will lock the login for WordPress admin interface and send out a warning to the admin mail address. That will prevent hacking attempts done against the login page. Or, at least, it will slower them down.

Of course, he provides a lot more of information and resources to check out.

I’m a secure little skunk.