| More important than maintaining WordPress, you want a secure server. Here's a not-comprehensive list... - Use a VPS. If you talk to Olly, author of "wpCop" http://wpcop.com/ and the VPSBible, he recommends CentOS. I believe it has a good reputation for security, for web hosting. Also Ubuntu & Debian are about as popular as CentOS for web hosting and they're probably just as secure, but choosing your distro is a big deal because they're all different. - Automated backups of everything, and make sure you know how to restore everything. Backups of backups and offsite backups. So even if something goes wrong, you're not completely screwed. You need "offsite" backups because there's a million ways onsite backups can be lost, stolen, destroyed, etc. - Configure MySQL to ignore remote connections. - Don't use "admin" users for WordPress or MySQL. Is this really necessary? Probably not but it's fairly easy to setup. - Don't use FTP, use ssh. - I know a guy who was on vacation in a certain country and they totally destroyed his server. So be aware of your environment. |