10 Jan 2011
Are you doing the best for your business?
My name is Sean Fisher and I am a software developer and consultant. Coming from years of experience with WordPress and other software, I can help your business in the best way possible. You may view a sample of my work in my portfolio. I would love to hear from you and learn how I can help you today.
WordPress security is often very strong straight out of the box. Though many may say that open-source software is insecure, I beg to differ. Within hours of realizing a security breach in the code, WordPress and mostly @nacin had updated the code and pushed a security update. That's hours, not days like the big corporate companies (cough Adobe).
Nevertheless, I love to make it even more secure. And I think I have done that. Introducing Lockdown WP Admin. It is a neat plugin to help you lock down WordPress's admin interface.
It can do two things, one hide the WordPress admin interface from non logged-in users and provide built in HTTP Authentication. By hiding the WP admin interface, if you access domain.com/wp-admin/, you wouldn't be redirected to the login page if you weren't logged in. Instead, you would recieve a 404 File not Found error.
HTTP Authentication is a secure way to provide security to your WordPress install. You can control this in two ways. It can ask for your WordPress login credentials, or you can create your set of custom user/passwords. This way, you can have a double your chances of an unauthorized user from accessing your WordPress admin interface. Over at @teensintech, we used this when we have out authors login with their own WordPress credentials and then they must login with another set of username/passwords to be twice as secure. That may not be the best practice possible, but I think it decreases my chance of brute force attack.
You can download the latest version at http://wordpress.org/extend/plugins/lockdown-wp-admin/. I'd also love if you can support me and my other plugins by donating!