Keeping your site secure or safe from hackers is not always easy but is something you need to be aware of. One thing I encourage you to do just in case your site is compromised is to always have a back up of your files and database. As a start, one plugin that can help with this is named BackWPup ( www.backwpup.com ). You can set this plugin to backup your files and database daily, weekly, monthly, or if you feel even hourly. But you can have it email it to you, save it to another server via FTP, or even save it to your DropBox account.

There are a few steps that you can take from the beginning when you first setup your WordPress site. The first thing to do is do not use the default table alias. WordPress by default will suggest that it use “wp_”. If you are only going to use the database for your site and not add any other tables I would suggest you take it off all together, but to make it even more secure use a different alias.

If you already have a site up and running and just want to take what you have now and make it secure here are the list of plugins and what they do:

• Change the login URL
  By default WordPress uses your URL / wp-login. To make it more secure  you can change the URL to be used to login. Sometimes people want /manger, /login, or /admin. Whatever it is that you choose you can use one of these plugins to change it from the default
  - Ozh’ Simpler Login URL – Link
  - Peter’s Login Redirect – Link
  - Custom Login and Admin URL’s – Link
• Limit Login Attempts
  By default WordPress does not limit that amount of tries to log into the Admin. It will instead inform the user instantly that it is not correct and allow them to try again. So using one or even both of these plugins will help you limit this and track what is going on
  - Limit Login Attempts – Link
  - Login LockDown – Link
• Find Out What Security Holes Your Site Is Susceptible To
  Run tests on your site to see what security holes may appear in your site. It is a full time job to stay on top of what the latest security risks are out there. So to help know what your problems are run one, or both plugins to evaluate your sites holes and close them up as you can
  - Ultimate Security Checker – Link
  - Secure WordPress – Link

These are just a few ways you can secure your WordPress site just using plugins. There are other ways that I may expound on at a later time but it requires editing code, editing configuration settings on the server, and even updating the .htaccess on the server.

Bonus Thought:
Another thing that I would encourage all to do that does not make your site a little more secure is in your robots.txt file that you have available to the search engines is to have them ignore your wp-content directory. There is no reason they need to go through these files. To do that you can add the following to your robots.txt file:
Disallow: /wp-admin
Disallow: /wp-includes
Disallow: /wp-content/plugins
Disallow: /wp-content/cache
Disallow: /wp-content/themes
Disallow: /wp-login.php
Disallow: /*wp-login.php*
Allow: /wp-content/uploads

What plugins are you using to secure your WordPress site?

Luke, Future of Web Typography
For years typography on the web has been very limited when compared to what can be in the print world. Over the last few years though we have been given more and more tools to help us accomplish good typography on the web. As time goes on these tools will get better and will become more widely supported. There was an article on Smashing Magazine this week that talked about a lot of these tools that are available to web designers. I really enjoyed reading up, refreshing my memory of code I haven’t used in a while, and also learning some new ways of styling type. Read it over, the text on your website will be very happy you did.

Benjam, 20 Helpful jQuery Methods You Should Be Using
While developing a website, I use a lot of tools, both in the creation of the website files (my text editor of choice, file manager, etc.), and within the website itself (CakePHP, jQuery, CSS, etc.), and I’m always interested in finding features of those tools that I might not be very familiar with.  While I have a deep familiarity with the features I use regularly, and a passing familiarity with most of the features of these tools, it’s always good to get a refresher on what I could be using more.  Here is a post highlighting 20 jQuery methods/features (actually 33 methods in 20 groups) that should be in everybody’s familiarity tool box.

Mac, April Fools – PHP Style
This discusses a topic that we often only think about once or twice a year, but it is still worthy of our attention and deserves some practice to improve our skills. Also, while you are there, subscribe to the PHP Developers feed. The main guy, Chris Cornutt, does an excellent job of filtering the best PHP articles.

So, I’m going to do my part: I found a workaround that I think might work very well for a lot of people who run into this problem. It’s biggest advantage is that it is very very easy to try, and has almost no downside, even if it doesn’t work for your particular situation. In my case, I found that Apache did indeed have a lot of files open, including log files for all my VirtualHosts, all the libraries that httpd depends on, files from sites that are hosted there (though it seems to open and close those just fine), and a large buildup of hundreds of entries for /tmp that were open and apparently never got closed properly. In my case, the server in question has an uptime of over 2 years, and while “apachectl restart” runs at least daily for log rotation, it seems that doesn’t really close unused file descriptors. The workaround I discovered was running “apachectl stop” followed by “apachectl start” which fixed the problem completely for me, at least for the next year or two I hope. From over 1600 open files, after restarting Apache fully that way, it only reopened about 325 files. And the imap_open() calls started succeeding as they should.

One last thought before I hop off my soapbox: when you find an answer to a problem, and that answer was hard to find or was not well documented, do your part to remedy that for the next guy or girl to hit that problem, and post your solution somewhere that Google will find it. It makes the internet a better place for all of us, and makes us all more productive. Who knows, maybe down the road you’ll run into the same problem again yourself, and not remember how to solve it until you find your own post from years before, and it will be your own time you’ll save. I fully recognize that a lot of what I accomplish each day is based on work done by others that I have found and emulated, as they say, standing on the shoulders of giants. Each contribution to the body of human knowledge lets us reach that much higher, so when you can, add your bit and as we all do that, it adds up.