WPDesigner.com

With WordPress being so popular its no wonder that in many ways its become a target for would be hackers. WordPress has many doors available that if left open make your website easily accessible for hackers. But we all love WordPress and would like to use it, so how can you remain secure?

Before you make any changes according to the suggestions below, back up your blog, just in case you need to undo the changes or additions.

A few simple easy steps to a secure WordPress:

1. Stay updated

Join the mailing list for release notifications and update when announced. Staying updated is perhaps the most important and easiest thing you can do. Also, if you are running an older version of WordPress, make sure to not announce it to the world. Remove version listings from your templates that could announce what version you are running, and possibly alert hackers to exploits you have available. Make sure when updating your install of WordPress to read the Upgrading WordPress section of the codex.

Staying updated should also mean backing up your website, so if you do get hacked your website can be restored from back ups. Backing up WordPress requires you to have both the database and its files. Backing up your files is as easy as clicking and dragging them to your computer via ftp. Backing up your database can be complicated for some if attempted from within your hosts control panel, but fortunately a number of plugins exist that help automate and simplify the process.

The following plugins can help automate the database backup process, visit their websites for more information:

• wp-db-backup
• wp-dbmanager

Visit the the WordPress codex for further details on backing up your website.

2. Permission your files

Make sure that your wp-config is not world read or writeable. Otherwise people could steal your login information or even overwrite your login with their own. And make sure to delete your install.php after installation is complete.

WordPress codex has an excellent walkthrough on setting file permissions here.

3. Protect against comment spam

Spam can be a danger to your blog and its visitors. Comment spam can insert unwanted content onto your website. One way of protecting against spam is using plugins that track comments and trackbacks, running them through tests to check on whether they are spam and then refusing or approving based on the test results. Though its worth noting that this is not completely full proof and depending on the size of your blog you may even want to personally moderate commenting, or maybe even limit commenting to specific posts.

Anti-spam Plugins and additional resources on how to protect from comment spam:

• Akismet
• Spam Karma 2
• Codex on Combating Comment Spam
• Codex listing of Spam Tools

4. Limit self-registration of users

WordPress supports the ability for users to create new accounts for the purpose of posting. Though this registration does allow them to subscribe as well, which gives them access to reading only. Turn self-registration off in options: general: general options: uncheck anyone can register
(see screenshot below.) or limit your readers to the subscribe role only.

5. Make sure your login information is unique

I’d suggest creating a new wordpress admin user account and deleting the default admin account. Its very important to create a unique password in conjunction with your name. Check out the automated password generator to create a unique and difficult to crack password.

In summary:

1. Stay updated with your WordPress install.
2. Permission your files.
3. Protect against comment spam.
4. Limit self-registration of users.
5. Make login information unique.

Along with this post I’d recommend reading the other options available in Hardening WordPress. Don’t let your blog or website be vulnerable to attack.

Nowadays, horizontal menu tabs are everywhere. How do you make your tabs stand out from the rest? Make them overlap.

Take Wpdesigner current design for example. It took a while to get the tabs to overlap, but the effect is well worth it.

Analyze this example to learn how to achieve that effect. If that example is too difficult for you, stay tuned for the upcoming Wpdesigner WordPress tutorial, which will show you how to create a theme from scratch and how to create tabs that overlap, in details.

If you’re not familiar with horizontal menus, learn how to at css.maxdesign.com.au. Then head over to AListApart.com for the sliding door technique (pretty up your menu with sliding background images).

You put a lot of time into your free theme. It’s your baby. I know. Want lots of bloggers to download and use your theme?

Places to submit, post, or upload your theme:

Wpdesigner.com
Yes, yes! I’m finally opening up Wpdesigner to accept theme submissions and to feature your themes. Follow my instructions below to get your themes featured on this blog.

WordPress Themes and Templates
Announce your free theme arrival on the WordPress forums. You won’t get many replies, but people do check out your theme.

WordPress Theme Viewer
Upload your free theme to the WordPress Theme Viewer (a public themes database) to get the most downloads. Note: I heard it’s pretty hard to get a theme author account to start uploading right now. I requested for an account a long time ago, didn’t have to wait long back then. I don’t know how long you have to wait nowadays.

JohnTP.com WP Themes
Submit your theme to John’s list of WordPress themes. Usually, you do this through posting a comment on that page, but the comment form is gone. Bug John to add your theme. *Sorry John*

Emily Robbins Themes List
Submit your theme to her list through the comment form.