Find Carl Sampson Online
Monthly Archives: August 2013
WordPress has 4 authentication keys and salts that adds extra security to your cookies and passwords. The default values are – define(‘AUTH_KEY’, ‘put your unique phrase here’); define(‘SECURE_AUTH_KEY’, ‘put your unique phrase here’); define(‘LOGGED_IN_KEY’, ‘put your unique phrase here’); define(‘NONCE_KEY’, … Continue reading
To ensure that logins and/or administration always happens over SSL there are 2 settings that can be set in wp-config.php. To enforce logins over SSL add the following line- define(‘FORCE_SSL_LOGIN’, true); With this setting only the login will be over … Continue reading
Use two-factor authentication to help strengthen the login process. Two-factor authentication means that you must provide something that you know (your password) and something that you have. There are several available such as – Yubikey Google Authenticator Duo Push In … Continue reading
Starting tomorrow I will be starting a series on WordPress security. It’s mainly going to be a collection of security-related settings/plugins/etc. that help to make WordPress more secure and robust. Stay tuned!