I don't know about you, but when I first secured my WordPress blog, and I researched to find out what others do to keep their blog safe, I found so much information that I was confused. And some of the data was actually over the top or superstitious. People told me rename this folder to rename this file and set up these ten plugins. It appeared to be a bit of work and effort.
The fix malware problems free Codex has an outline of what permissions are acceptable. Directory and file permissions can be changed either via an FTP client or within the page from the hosting company.
There are many ways to pull this off, and a lot of them involve re-establishing much more and databases and FTPing files, exporting and copying. pop over here Some of these are very complicated, so it's imperative that you go for the one that is best. Then you might want to look into using a plugin for WordPress backups, if you are not of the technical persuasion.
There's a section of config-sample.php that's headed"Authentication Unique Keys." There are. There is a hyperlink within that section of code. You need to enter that link in your browser, copy the contents which you return, and then replace the keys you have with the unique, pseudo-random keys offered by the site. This makes it harder for attackers to automatically generate a"logged-in" cookie for your site.
Black and phrases that were whitelists based on which area they look inside. (unknown/numeric parameters vs. known post bodies, comment bodies, etc.).
Implementing all the above will probably take less than an hour to complete, while creating your WordPress site more resistant to intrusions. Over about his 1 million WordPress websites were last year, largely due to easily preventable security gaps. Have yourself prepared and you're likely to be on the safe side.