Wordpress Discussion

Out of context: Reply #100

  • Started
  • Last post
  • 164 Responses
  • ideaist1

    Hey gang,

    Too lazy (JUST had my 2nd son) to go through 5 pages of information in hopes of finding 2 things:

    1. Multiple WordPress installs; is their a best practises for this? I'm tired of logging into them on a weekly/monthly basis...

    2. WordPress / General Malware Prevention: I have a few dozen sites on 1 server currently; I know it's bad practise BUT I just can't help myself.

    Is their a "silver bullet" WordPress security method I'm missing? I've tried WordFence, BUT it doesn't seem to be doing the trick...

    ...My domains are a variety of WordPress and non-WordPress / "Old School" html / css domains.

    ...Asking for a friend.

    : )

    ideaist 1Permalink
    UpvoteDownvote
    Flag
    • ...Competing with both the "Chick of the Day" & "Apple" threads is disheartening.ideaist
    • get a server where the admin handles security. don't give any admin rights to users.uan
    • 1. If its the same company w/ multiple wordpresses id look into wordpress multisite, one login to maintain them all. if its just a bunch of clients id use:pockets
    • Jetpack(free) or paid options like managewppockets
    • 2. Wordfence and sucuri for hardening.. id use a a managed wp host, or aws.. you can never be 100% secure regardlesspockets
    • Disable curl in apache and just update a local copy then sync to server. Most exploits need to load scripts from remote servers. This kills that ability.monNom
    • oldschool html sites are prone to leaving holes in your serverpockets
    • But also kills your ability to update, so you need to run a staging server locally.
      Also don't use "free" versions of paid themes from sketchy sites      monNom
    • never use the username admin, remove readme.html on all sites and wp version information.pockets
    • Strongly consider removing ALL features with user generated content (comments, file uploads, etc.) This is how most exploits happen.monNom
    • yea get disable comments pluginpockets
    • K, so most of these ideas/solutions have been running through my head...

      ...Thanks and keep 'em coming.      ideaist
    • https://ps.w.org/suc…pockets
    • For managing multiple WP installations I highly recommend https://managewp.com…. Saves me tons of time.nocomply
    • As for security/malware prevention, my approach is to set up notifications via ManageWP, run daily backups, and restore from a backup if something goes wrong.nocomply
    • A lot of the security tools/plugins have caused more headaches than they prevented for me.nocomply
    • Also, invest in good hosting!!nocomply
    • And congrats on your second son!nocomply
    • and congrants on post 100 <3pockets
    • Thanks dudes.

      *thumbsup*      ideaist
    • I switched from ManageWP to iThemes Sync a while back. I like it better myself.noneck
    Show [[ numHiddenNotes ]] more notesAdd Note
    SaveCancel

View thread