WordPress is currently (and has been for a long time) 1 of the most popular tools for creating blogs and web sites on the internet. Due to the level of popularity that WordPress has gained it has been a target for hackers looking to deface the website, send spam or make the site a part of a bot net (and of course many other things).
The attackers use vulnerabilities that are found in the core code, plugins and yes even themes.
There are many plugins that try to help mitigate the risks but they are fighting a lost cause and really cannot combat all vulnerabilities. Continue reading “Interested In Security And Running WordPress?”
Recently I updated the Better WP Security plugin. The developers have decided to rename it to iThemes Security. After a while I kept getting banned from the blog (I just kept getting a page stating “error”.
After doing some digging I found that the problem had been caused by the “default-user-image.png” image that was set in the All In One SEO Pack. I had changed the name of my wp-content folder (as per 1 of the recommendations in iThemes) however the links to this file were still leading to wp-content.
After installing iThemes make sure that you modify the location of the default user image in “All In One SEO” >> “Social Meta”. The setting you are looking for is “Default OG:Image”. Simply change wp-content to the new name that you have given the folder.
On a side note when looking for the issue I came across a red herring. In the main plugin script (all_in_one_seo_pack.php) a couple of constants are defined to state the name of the wp-content folder. When questioning this in the support forum I was advised they are not used any more. Begs the question why are they still there?