Better Default Security in WordPress 2.6

Posted on by

WordPress 2.6 will be more secure out-of-the box including better support for running the admin over SSL and changes to disable the remote publishing protocols by default.

We have choosen to disable Atom Publishing Protocol and the variety of XML-RPC protocols by default as they expose a potential to be a security risk.

Peter Westwood, a Lead Developer for WordPress, revealed they are making the default install more secure. This will go a long way to making WordPress more secure. If your security consciousness has the dial tuned closer to the paranoid end of the spectrum, then check out Blog Security’s WordPress Security Whitepaper, which lists out many things you can do to lock down your self-hosted blog, and keep out the baddies.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">