Please note: this post is incomplete & pending review.
A6 – Security Misconfiguration
We have again, a broad category of attacks that can happen at any level of a stack, from ports to login forms. The result: your site andor server gets compromised.
How does this relate to WordPress?
WordPress has created a very detailed document called Hardening WordPress, these steps makes your server and WordPress install safer. Some small simple examples from the document are:
- not keeping
adminas your username
- not using
wp_as your database table prefix
Measures like this strengthen your WordPress install. In addition to the other 9 points herein relating to security, third party WordPress security plugins can greatly enhance your security configuration even further: