WordPress Secret Key & Cookie Strength
There is a little known feature in WordPress 2.5 called "Secret Key". If you're upgrading from a previous version you probably won't even know this feature exists as it only appears in clean installs where you have a brand new wp-config.php.
If you're upgrading, I'd recommend putting this line somewhere in your wp-config.php
define('SECRET_KEY', 'YOUR SECRET KEY');
Replace YOUR SECRET KEY with a nice long random collection of junk.
Doing so will greatly increase the security of your blog by increasing your WordPress cookie strenght.
Doing this will invalidate all your logins, so everybody on your site will have to relogin. This means that your login cookies, if intercepted, won't be able to be reproduced as easily. It also means that somebody who gains read-only access to your database through some other means won't be able to login to your site.
Related posts
- WordPress WP-O-Matic Duplicate Posts Fix
Got a problem with WP-O-Matic creating duplicate posts? Or just WordPress in general. Me too.... - .htaccess redirect based on requested domain
Imagine you have a selection of domain names that point to the same site, are... - Debugging WordPress
Debugging WordPress is actually quite simple. Stop yourself going grey and or bald. In your... - Crawl Rate Tracker and WordPress 2.5 Manual Fix
A quick update on people that need the Crawl Rate Tracker to work with WordPress... - WordPress/Shopp Shipping Calculator/Options Access-Control-Allow-Origin Error
I've recently been debugging a customer's WordPress/Shopp store. When the customer set the Cart &...
About Kieran
