The administration area of a Web application is a favorite target of hackers and thus particularly well protected. The same goes for WordPress: when creating a blog, the system creates an administrative user with a perfectly secure password and blocks public access to the settings area with a log-in page. This is the cornerstone of its protection. Let’s dig deeper!

This article focuses on defending the administration area of WordPress, meaning all those pages in the wp-admin folder (or http://www.yourblog.com/wp-admin/) that are displayed after a user a verified. We bolded the phrase “after a user is verified” deliberately: it should be explicitly understood that only a simple query stands in the way of an evil hacker and the powerful admin area of your whole blog. The latter is only as strong as the passwords that are generated.

Link:
http://www.smashingmagazine.com/…

Check out these posts too:

  1. Three tips to protect your WordPress installation from Matt Cutts
  2. See Area 51 on Google Earth
  3. Veign’s Blog updated to WordPress 3.0
  4. Pretty good area code map
  5. PriceDoc gets you the prices on medical prodecures in your area
  6. Add a survey or poll to your website
  7. Top 5 MySQL Admin tools