WP Security Scan


Plugin Page: http://wordpress.org/extend/plugins/wp-security-scan/


Why We Think WP Security Scan Should Be a Part of Your Security

The plugin performs several checks on your WordPress blog. It looks at:

  • Whether you are running the most up-to-date version of WordPress – make sure you are always updated!

  • Whether the database table prefix is still the default wp_.

  • Whether reporting of database errors is turned off.

  • Whether the WP ID META tag is present – this should be removed.

  • Whether the default “admin” user exists – you absolutely should not be using it.

  • Whether there is an .htaccess file in the wp-admin folder – gotta have this.

Here’s an excellent and highly relevant article we think you should check out

In order to complete the check process, follow these steps:

  • Upload the plugin from the plugin repository and activate it.

  • You will see the initial scan results on the main window of the plugin page.

  • See some issues marked in red? Follow these steps:

    • Upgrade to the latest version of WordPress if you do not have it installed.

    • If your database prefix is wp_, use the plugin to change the table prefix.

    • If WordPress database errors are not turned off – done by the plugin.

    • If the WP ID META tag is not removed – done by the plugin.

    • If the user admin was found, see the instructions on how to change this – Remove Default WordPress Admin User.

    • If the .htaccess file was not found in the wp-admin directory, see the instructions at Using .htaccess Files To Secure WordPress.
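
Three of the checks above (table prefix, WP ID META tag, wp-admin .htaccess) can be re-verified from the files and the rendered page after you apply the fixes. The script below is an added example, not the plugin's own code; the function names, the sample site trees and the sample HTML are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Matches: $table_prefix = 'wp_';  (single or double quotes, flexible spacing)
PREFIX_RE = re.compile(r"""^\s*\$table_prefix\s*=\s*['"]([^'"]*)['"]\s*;""", re.M)
# Matches the <meta name="generator" content="WordPress x.y"> tag in rendered HTML
GENERATOR_RE = re.compile(
    r"""<meta\s+name=["']generator["']\s+content=["']WordPress[^"']*["']""", re.I)


def audit(wp_root, home_html):
    """Return a dict of check name -> True when the check FAILS (issue found)."""
    wp_root = Path(wp_root)
    config = (wp_root / "wp-config.php").read_text(encoding="utf-8", errors="replace")
    m = PREFIX_RE.search(config)
    return {
        # No match is treated as a failure: the prefix could not be confirmed.
        "default_table_prefix": m is None or m.group(1) == "wp_",
        "generator_meta_present": bool(GENERATOR_RE.search(home_html)),
        "wp_admin_htaccess_missing": not (wp_root / "wp-admin" / ".htaccess").is_file(),
    }


def make_site(root, prefix, with_htaccess):
    """Build a constructed, minimal WordPress-like tree for the demo."""
    root = Path(root)
    (root / "wp-admin").mkdir(parents=True)
    (root / "wp-config.php").write_text(
        "<?php\ndefine('DB_NAME', 'blog');\n$table_prefix  = '%s';\n" % prefix)
    if with_htaccess:
        (root / "wp-admin" / ".htaccess").write_text("# access rules go here\n")


def demo():
    # Constructed sample pages: one with the generator tag, one without.
    stock_html = '<head><meta name="generator" content="WordPress 3.0.1" /></head>'
    clean_html = "<head><title>My blog</title></head>"
    with tempfile.TemporaryDirectory() as tmp:
        make_site(Path(tmp) / "stock", "wp_", with_htaccess=False)
        make_site(Path(tmp) / "hardened", "x7k_", with_htaccess=True)
        return (audit(Path(tmp) / "stock", stock_html),
                audit(Path(tmp) / "hardened", clean_html))


if __name__ == "__main__":
    for name, result in zip(("stock", "hardened"), demo()):
        print(name, result)
```

The database error reporting and “admin” user checks need database access, and the version check needs a network lookup, so they are left out here.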