When you are running a professional blog and which is generating a decent enough revenue then you always think about ways to make it more secure. Well, you can make backups of the blog, so even when something happens you have a backup. But that’s not all, if you have more than 10,000 visitors on your blog then you would know that data theft can be a serious issue for your business. Apart from data a blog has several things like registered users, email addresses of users, email addresses of people who have commented. For all the above situations this WordPress plugin is out of the box plugin when it comes to security. Your blog will always be protected. This plugin performs more than 30 checks for your blog for vulnerabilities.
Here are some of the important security checks performed by the plugin for your blog:
1) If you are using latest version of WordPress.
2) If you are using latest version WordPress plugins.
3) If you are using latest version WordPress theme.
4) If WordPress version information is displayed in the page meta data.
5) If “Anyone can register” option is enabled or disabled.
6) If readme.html file is accessible on the default location.
7) If install.php file is accessible on the default location.
8) If the response headers of the servers is displaying the PHP version information.
9) If your WordPress administrator password is strong.
10) If your site is suing the administrator username as admin.
11) If permissions for the file wp-config.php is correct.
12) If extra information is displayed for failed login attempts.
13) If site address is same as WordPress installation address.
14) If your blog has a default database table prefix.
15) If database debug mode is enabled or disabled.
16) If general debug mode is enabled or disabled.
18) If security key values are correct.
19) If your WordPress database password is strong.
20) If upgrade.php file is accessible on the default location.
21) If PHP safe mode is enabled or disabled.
22) If allow_url_include PHP directive is turned on or off.
23) If file editor for WordPress themes and plugins is enabled or disabled.
24) If uploads folder is accessible.
25) If there is a user with user ID 1.
26) If EditURI link is present in header data of the page.
27) If MySQL server can be connected from outside WordPress.
28) If Windows Live Writer link is there in header data of the page.
29) If expose_php PHP directive is turned on or off.
30) If display_errors PHP directive is turned on or off.
31) If register_globals PHP directive is turned on or off.
If there is a security issue you will be notified about that in “Red” in the status column and which you can fix it. The plugin also automatically checks about issues with other plugins and codes.