It was Monday morning and I was on a call with a dozen others who are my peers. Each of us helps the small business owner with their businesses in one way or the other. It was at the end of the call and we were each sharing our websites and going over how to make little improvements here and there. Time was running out and there was just enough time for one more website review, I volunteered. As my site was coming up for all to see suddenly the screen turned a maroon red with an outline of a security officer with his hand stretched out and the words of"do not precede malware danger." I was too horrified to recall exactly what it said although there was more. I was concerned on being ruined plus humiliated that the people on the call had seen me so vulnerable, I had spent hours.
The fix wordpress malware plugin Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the administrative page from your web host.
I protect an access to important files on the blog's server by putting an index.html file in the particular directory, which hides the files from public view.
Move your wp-config.php file up one directory from the WordPress root. WordPress will search for it there if it cannot be found in the main directory. Also, nobody will be able to read the file unless they have SSH or FTP access.
In addition to adding a secret key to your wp-config.php file, also think about altering your user password to something that's strong and unique. WordPress will tell you the strength you can find out more of your password, but a great tip is to avoid common phrases, use letters, and include amounts. It's also a good idea to change your password frequently - say once.
Oh . And incidentally, I talked about plugins. When you get a new plugin, make sure it's a safe one. Do not install any plugin because the owner is saying that plugin can help you do this or that. Use a test blog to look at the plugin, or maybe see this get a software engineer to examine it carefully. This way you'll know it isn't a threat for your organization or you.