Loganathan Natarajan
asked on
How can I strength the security of my wordpress site?
I have a wordpress site (latest version) with my own customization of themes/some plugins for one of school. Today when I search in google the site name it gives the link to this site, http://bugmenot.com/ ? which displays all my db (student table) username , password here public?
How can I prevent this? How it is possible to read the db information and can display here, http://bugmenot.com/ ?
Please help.
How can I prevent this? How it is possible to read the db information and can display here, http://bugmenot.com/ ?
Please help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@ spravtek , Thanks, I will do the needful as well.
If your database is vulnerable to xss attacks it's possible to get details from it, or they brute force attacked the login to the database, if your password is not strong enough it can be quite easy if you don't protect against it.
ASKER
Ok, I will check with my hosting as well.
those people may not aware of these things?It's probably best not to rely on the ignorance of others.
Also, PHP has a section on security:
http://php.net/manual/en/security.php
And there is OWASP:
https://www.owasp.org/index.php/Main_Page
Security is not a destination, so much as a journey. Best of luck with it, ~Ray
ASKER
one question, Will wordpress have any loop hole to share this kind of details ? I mean any plugin/script to do this?