WordPress 3: Developing Secure Sites

with Jeff Starr

This course explains how to secure self-hosted WordPress sites, including site configuration, code modification, and the use of free plug-ins. Beginning with the basics of site security, author Jeff Starr explains how to harden a WordPress site by configuring authentication keys, setting proper file permissions, and removing version numbers. The course shows how to implement a firewall, prevent automated spam, and control proxy access, and concludes with a series of advanced tips and site security best practices.

Topics include:
  • Backing up and restoring your site
  • Setting up strong passwords
  • Choosing trusted plugins and themes
  • Protecting the configuration file and the admin directory
  • Securing the login page
  • Fighting comment spam
  • Blocking access and detecting hacks
  • Finding and reporting vulnerabilities

Here we are at the Akismet web site to make a point. Check out this number. Akismet has blocked over 27 billion spam comments. That's incredible, and there's a reason why. Akismet is the easiest, safest way to protect your site against comment spam. It just works, and it's all you need for a spam-free site, so we definitely want to use it. This screencast will show you how. Here in the WordPress Admin area we go to the Plugins page by clicking the Plugins link in the Plugins menu.

Awesomely, Akismet is included with WordPress by default, so it's ready to go. Simply click on the Activate link like so to go ahead and activate the plug-in, and notice now that there's a message that asks for your Akismet API key. If you already have one of these for another site, it may be used here as well, so go ahead and enter it. Otherwise, let's go back to the Akismet web site and get one of our own. We click on Sign up for Akismet and we are presented with a screen that provides us several options.

If you're running a personal site, there's a free option here that will work just fine; otherwise, you may want to look at some of the other deals. So let's go with "it's free", give it a click, and fill out the form. They do a great job at asking for money. We get a sad face for $0 and a big smile for the max amount, but really, Akismet is totally free for personal sites. So if you have a personal site, slide it to 0, fill out the form, and then click the Continue button to get your API key, which will be emailed to you.

Once you have it, return to your web site. Click on the "enter your Akismet API key" link. Here at the Akismet Configuration page, simply enter your API key here in this field; selecting both of these options is also recommended. Auto-deletion of spam makes Akismet even more hands-free, and here, displaying the approved comment count is going to make managing comments much easier.

Finally, click Update options to save your info, and you're ready to go. Akismet is now configured and working properly to protect your site against spam. Note also that you can check the Akismet network status at any time to make sure everything is working great, but honestly, I've never needed this information. Akismet just always works, but it is there if you need it. Now that Akismet is activated and configured, let's see how to keep an eye on it. We go to the Comments menu, and here on the Comments page we click on the Spam link.

These are all the comments that Akismet has caught and marked, or labeled, as spam. Periodically you may want to visit this area and scroll through to see if there's anything that doesn't belong here. See, right here is a comment from Mr. WordPress. That shouldn't be there, so let's restore it by clicking Not Spam, and that's done. The other cool feature that we enabled during the configuration of the plug-in was to display the number of approved comments next to each comment author.

That information is displayed right here. These spammers have no approved comments. This provides a convenient way to sort of scan down the column and check for false positives, cleverly referred to as 'ham'. To see your site's ham, plus a ton of other awesome data, visit the Akismet Stats link in the Dashboard menu. There is really nothing to see yet for this demo site, but I can show you the Akismet stats for our WordPress site.

Here we get a variety of useful statistics, such as accuracy rate, total ham, and even something called yummy pie. Lots of historical data is available here and below, too, so dig deep and learn more about your spam and ham. And that's about it. Akismet is what's referred to as a 'set it and forget it' type plug-in. It does an excellent job of keeping your site spam-free and should be the only anti-spam plug-in you need for your WordPress-powered site.
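As an added example, not part of the course or the Akismet plugin's own code, here is the Akismet 1.1 REST exchange that sits behind the buttons used above: verifying the API key, classifying a comment (including the "discard" hint that the auto-deletion setting relies on), and sending a "Not Spam" correction as submit-ham. The endpoints and reply strings are Akismet's documented ones; the key `abc123`, the blog URL, the sample comment and the `fake_send` transport are constructed so the example runs offline.

```python
"""Akismet 1.1 exchange behind the plugin UI; send(url, form) -> (body, headers) is injected."""
from urllib.parse import urlencode, parse_qs

VERIFY_URL = "https://rest.akismet.com/1.1/verify-key"
OP_URL = "https://{key}.rest.akismet.com/1.1/{op}"

def verify_key(key, blog, send):
    # verify-key answers 'valid' or 'invalid' for the key/blog pair
    body, _ = send(VERIFY_URL, urlencode({"key": key, "blog": blog}))
    return body.strip() == "valid"

def comment_check(key, blog, comment, send):
    # 'true' = spam, 'false' = ham; the X-akismet-pro-tip: discard header flags
    # blatant spam that the auto-deletion setting may drop without review
    body, headers = send(OP_URL.format(key=key, op="comment-check"),
                         urlencode({"blog": blog, **comment}))
    body = body.strip()
    if body == "true":
        return "discard" if headers.get("X-akismet-pro-tip") == "discard" else "spam"
    if body == "false":
        return "ham"
    # 'invalid' means a key or blog problem; X-akismet-debug-help explains it
    raise ValueError(headers.get("X-akismet-debug-help", body or "empty response"))

def submit_correction(key, blog, comment, verdict, send):
    # 'Not Spam' in the Comments screen is submit-ham; marking as spam is submit-spam
    op = {"ham": "submit-ham", "spam": "submit-spam"}[verdict]
    body, _ = send(OP_URL.format(key=key, op=op), urlencode({"blog": blog, **comment}))
    return body.strip() == "Thanks for making the web a better place."

def fake_send(url, form):
    # Constructed stand-in for the HTTPS POST; mimics Akismet's documented replies.
    f = {k: v[0] for k, v in parse_qs(form).items()}
    if url == VERIFY_URL:
        return ("valid" if f.get("key") == "abc123" else "invalid"), {}
    if not url.startswith("https://abc123."):
        return "invalid", {"X-akismet-debug-help": "Invalid API key"}
    if url.endswith("comment-check"):
        text = f.get("comment_content", "").lower()
        if "buy cheap" in text:
            return "true", {"X-akismet-pro-tip": "discard"}
        return ("true" if "http://" in text else "false"), {}
    return "Thanks for making the web a better place.", {}

COMMENT = {  # constructed sample with the fields the plugin submits
    "user_ip": "203.0.113.5", "user_agent": "Mozilla/5.0", "comment_type": "comment",
    "comment_author": "Mr WordPress", "comment_author_email": "hi@example.com",
    "comment_content": "Hi, this is a comment.",
}
```

Against the real service, replace `fake_send` with an HTTPS POST of the form body and pass the response text and headers back in the same `(body, headers)` shape.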

