In light of our recent Tech Wreck Tuesday series, this infographic from Copyblogger seemed fitting.
Just because you’ve installed WordPress ump-teen times (I think “ump-teen” may be a technical term) and set up billions (just because it isn’t literally a billion times, doesn’t mean it feels less) of websites before, doesn’t mean you are immune to these somewhat common WordPress user errors.
This might actually make a decent checklist! 😀
How many of these errors have you made in the past?
[Subscribe to Copyblogger’s Newsletter Here!]
There are some good times for WordPress n00bs and veterans alike!
Have you made any of these mistakes before?
[via Copyblogger]
Raoul Snyman says
One of WordPress’s problems is that it still hasn’t migrated away from the idea that a URL needs to point to a real file on a server. Go to any WordPress site and type in “http://example.com/wp-admin/”. You’ll get the login page, which just is a subdirectory in the WordPress installation. Most modern systems don’t have a correlation between files and URLs.
If you look at other systems, like Drupal (which I’m most familiar with), there is zero correlation between URL and filenames. This doesn’t necessarily make your site any more secure, but it does mean that potential crackers have a higher barrier to entry.
Of course this is rooted in the fact that WP is written in PHP, which also is deeply rooted in the “URLs == files” mindset. And I’ll stop there before I venture into the “why PHP is bad” rant.
Eric Dye says
LOL!
Jason T. Wiser says
Great list and info graphic. Some very practical check list items.
I am not sure though about #7 how do you see hackers getting into deactivated plugins?
Eric Dye says
That’s a good question… :-/