just read hardening wordpress out of interest, does this mean that wp-content files can be changed by anyone in the standard install? it says “/wp-content/ — variable user-supplied content: intended by Developers to be completely writable by all (owner/user, group, and public).
* /wp-content/themes/ — theme files. If you want to use the built-in theme editor, all files need to be group writable. If you do not want to use the built-in theme editor, all files can be writable only by your user account” ” how would someone do that and how can i stop them if i still want to use the built in theme editor?
Change the write permissions. IE, 777/666 is bad. 755/644 should be okay for those files. That makes them world-readable and world-executable, but not world-writable.
Another thing you need to do is go into your database and change your admin username. Then pick a strong passphrase.
Thread Starter
4k
(@4k)
Thanks. I’ve taken on some of those suggestions. Now if people could just go get a life. Sigh.
How do I reset my password?
Also, I have no backups to restore through the database.
Is there any other way?
Another thing I heard was to look at the plugins?
