WordPress isone of the most popular a content management software (CMS) that allows you to create and easily manage an entire website or blog. In addition, WordPress is free and customizable with many themes and extensions. Word press also posses a strong community around the world.
With some basic skills in computer and web technologies, you easily create your own website and publish its own content.
To install Wordpress
- PHP 4.3 or later
- MySQL 4.0 or later
- The module for rewriting url in Apache
- Click on next.
- Enter the information needed to connect to the database, then click OK.
- Run the installer.
- Click "Install Wordpress"
- Wait for the installation to be completed.
- A password is generated and is sent to you by e-mail.
- You can now login to the admin interface.
Securing your application
Replacing the admin account
The first thing that hackers attempt to your blog is to hack the account "Admin".
Tip: Create a specific account for the administration with admin rights, then delete the default admin account.
Do not use this account "new administrator" account to post articles. Thus the hacker will not even know the login to administer the account and make piracy even more difficult.
Keep Wordpress Updated
Security holes are sometimes found in Wordpress.
Monitor new releases, and do not delay installing them.
The delay in installing the updates has already led to massive piracy of blogs in the past.
To check if you're up to date, go to the Wordpress configuration: Tools> Update.
You'll see immediately if you use the latest version.
To reduce the risk of recovery passwords (by rainbow-tables attack, for example), change the following settings in your wp-config.php:
define('AUTH_KEY', 'put your unique phrase here');
define('SECURE_AUTH_KEY', 'put your unique phrase here');
define('LOGGED_IN_KEY', 'put your unique phrase here');
define('NONCE_KEY', 'put your unique phrase here');
Replace put your unique phrase here by a long string of random characters, different for each of 4 parameters.
The aim is to enhance the encryption and hashing passwords and cookies to prevent certain types of attack.
Installation at free.fr
- If you want to install Wordpress on free.fr, there are 2 small changes that must be made:
- First, create a file .htaccess at the root of your Wordpress (i.e in the same directory as wp-config.php) containing these two lines:
ErrorDocument 404 /index.php
Thanks to jeantube for this tip.