securing WordPress

Part of securing a WordPress installation is checking up on your file permissions. In order to prevent overwriting by malicious code, limit the permissions to read-only except where necessary.

Here’s a good start:

Relative PathSuggested permissions
/0755
/wp-admin0755
/wp-includes0755
/wp-config.php0444
/wp-content0755
/wp-content/themes0755
/wp-content/plugins0755
.htaccess0444

I should also mention that I highly recommend WordFence for securing the internal WP system itself.

Tagged with: , , , , ,
Posted in how-to