garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated WordPress Security Tips (markdown)

ethicalhack3r
2012-07-17 12:43:05 -07:00
parent 7d28b77aeb
commit a446f879e8
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
WordPress-Security-Tips.md

@@ -14,7 +14,7 @@ WordPress used to set the 'admin' username by default on all installations. In r
**4. Keep plugin installations to a minimum.**
Through experience we've found that WordPress plugins are normally the weakest link in WordPress blog's security. Many plugins are susceptible to Cross-Site Scripting (XSS), SQL Injection and other attacks. By keeping plugin installations to a minimum you reduce the attack surface.
Through experience we've found that WordPress plugins are normally the weakest link in a WordPress blog's security. Many plugins are susceptible to Cross-Site Scripting (XSS), SQL Injection and other attacks. By keeping plugin installations to a minimum you reduce the attack surface.
**5. Move the wp_config.php file one directory up, outside of the web root directory.**