Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Wordpress (php/apache) Hardening

From: dd () sucuri net
Date: Thu, 7 May 2009 19:39:49 -0600
Hi list,

I wrote an article about securing Wordpress that I would like to share. It shows some unusual (yet simple) methods to 
find out the wordpress version (even when the generator is disabled), internal directory paths, etc.

What do you guys think?

Link:
http://sucuri.net/?page=docs&title=wordpress-hardening

It also has a link to a simple online tool to scan a wordpress installation remotely and try to find internal paths 
leaking, versions, themes, plguins ,etc:
http://sucuri.net/?page=scan

Thanks,

--dd @ sucuri. net



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff! 

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: