Managing Your Registered Users
In a secured Wordpress blog information should be given out only on a need to know basis. Certainly your brand new registered users should not have access to your WP Dashboard.
One security measure that is often overlooked in Wordpress blogs is hiding the version number that your blog is running.
In a secured Wordpress blog information should be given out only on a need to know basis. Certainly your brand new registered users should not have access to your WP Dashboard.
Registered users of your blog, and especially new subscribers should not have access to which version of Wordpress your blog is running. Wordpress version update nag reminders tell potential hackers that you are not running the latest version of Wordpress.
Hackers have bots crawling the Web looking for blogs running specific versions of Wordpress. But apparently, Wordpress is more interested in claiming credit for creating your blog, then they are in protecting bloggers from this well known security issue.
Time to wake up, bloggers! Blogs running old versions of Wordpress are just asking to be hacked.
