Christian Zartl, BSc

Private blog and WWW page

How to secure WordPress

One of my favorite blogs on the Internet is the one by eITWebguru, which offers very useful information on a wide range of computer and especially hosting topics. Additionally, there are various tricks and tweaks for several problems and issues.

Recently, author Milind, as far as I know the only one posting on this blog at the moment, wrote an article about steps to secure WordPress. As I'm using this great free tool for my homepage myself and am also always interested in security, I instantly tested and implemented these steps.

Nevertheless, I found some of them not to be very current or accurate. Therefore I wanted to offer you a short summary of the individual steps:

  1. Keep your blog updated
    1. WordPress can check for updates automatically
    2. You should always install the most current version
    3. Also keep all your plugins updated
    4. Don't use plugins that are not under active development
    5. Delete inactive plugins
  2. Secure wp-config.php
    1. Set permissions to 750
  3. Hide the version of your WordPress install
    1. Use the Secure WordPress plugin
  4. Disallow wp-* folders from being crawled
    1. Create or update your robots.txt
  5. Use Intrusion Detection System (IDS) Plugins
    1. Mute Screamer
    2. Installs PHPIDS, a state-of-the-art security layer for PHP
    3. Includes monitoring
  6. Use strong passwords
  7. Run Backups regularly
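
Steps 2 and 4 can be checked from a shell on the web host. The script below is an added example, not part of the original post or of the eITWebguru article; the function names and the directory argument are assumptions of this example.

```shell
# Added example: audit steps 2 and 4 of the list for one WordPress directory.
# Function names and the directory argument are assumptions of this example.

# Step 2: succeed only if wp-config.php grants nothing beyond mode 750.
check_wp_config_mode() {
    cfg="$1/wp-config.php"
    [ -f "$cfg" ] || { echo "missing: $cfg"; return 2; }
    # GNU stat first, BSD/macOS stat as fallback
    mode=$(stat -c '%a' "$cfg" 2>/dev/null || stat -f '%Lp' "$cfg")
    # Any permission bit outside 0750 (group write, anything for others,
    # setuid/setgid/sticky) counts as too permissive.
    if [ $(( 0$mode & ~0750 & 07777 )) -ne 0 ]; then
        echo "wp-config.php is mode $mode, expected 750 or stricter"
        return 1
    fi
    echo "wp-config.php mode $mode is ok"
}

# Step 4: succeed only if robots.txt disallows the three standard wp-* folders.
# Simplification: User-agent groups and Allow lines are not evaluated, and a
# "*" is only understood at the end of a path.
check_robots_wp() {
    robots="$1/robots.txt"
    [ -f "$robots" ] || { echo "missing: $robots"; return 2; }
    uncovered=$(awk -v dirs="wp-admin wp-includes wp-content" '
        { sub(/\r$/, ""); sub(/[ \t]*#.*/, "") }      # strip CR and comments
        tolower($0) ~ /^[ \t]*disallow[ \t]*:/ {
            p = $0
            sub(/^[^:]*:[ \t]*/, "", p); sub(/[ \t]+$/, "", p); sub(/\*+$/, "", p)
            if (p != "") rules[++n] = p               # empty Disallow allows all
        }
        END {
            m = split(dirs, d, " ")
            for (i = 1; i <= m; i++) {
                hit = 0
                for (j = 1; j <= n; j++)              # rule must be a path prefix
                    if (index("/" d[i] "/", rules[j]) == 1) hit = 1
                if (!hit) printf "%s ", d[i]
            }
        }' "$robots")
    if [ -n "$uncovered" ]; then
        echo "robots.txt does not disallow: $uncovered"
        return 1
    fi
    echo "robots.txt disallows the wp-* folders"
}

# Run both checks when a WordPress directory is passed as the first argument.
[ -z "${1:-}" ] || { check_wp_config_mode "$1"; check_robots_wp "$1"; }
```

robots.txt is only a request to well-behaved crawlers and does not restrict access to those folders, so it complements the file permissions from step 2 rather than replacing them.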

Category: Howtos