If you are running a WordPress site, you should seriously consider hardening it against script attacks.
What are script attacks
Script attacks are automated hacks (or manually run scripts) which use pre-written code to break into different types of programs, including web site management tools like WordPress.
All kinds of "Hackers" use them, from those who don’t really have a clue as to what they are doing to those who could carry them out manually without directions.
Such scripts typically rely upon known information to determine programs with vulnerabilities and then take advantage of those vulnerabilities to gain control of targeted programs.
How to defend against script attacks
The easiest ways to defend against garden variety script attacks where WordPress is concerned is to not openly display information that end users don’t need to see, to not use default database structures, and to use a strong password.
This prevents typical (poorly written) scripts from doing the following things:
- Seeing that you are running WordPress
- Seeing what WordPress version you are running
- Seeing what plugins you have installed
- Using known contructs for attempted database access
Step by step instructions for hardening wordpress
There is a detailed, step by step manual on hardening wordpress available called "Blog Lockdown" which will take you step by step through doing all of the above.
The information in it is quite good and includes other security related information as well, but is worth the price tag for the WordPress hardening information all by itself.
Get Blog Lockdown now and learn how to make your wordpress site more secure.
[...] Hardening the wordpress database against simple script attacks [...]