February 7, 2008

Security is fast becoming the buzzword around WordPress and so I feel I need to get better acquainted with it. I will hold my hands up to the fact that it isn’t the area I am most competent in. With that in mind I have been considering a few security-based plugins, one of which I want to introduce with this post.

I have produced a test plugin but, despite it doing what I intended (I think), I am not entirely convinced it is actually beneficial. In this respect security and accessibility are similar: despite good intentions you could just end up churning water and have no real impact.

The plugin is derived from Matt Cutts’ post, in which he suggested using .htaccess to limit access to the WordPress admin area to a particular IP address. This was generally received as good in principle, but as slightly defeating the object of a web-based service, since you can no longer log in from anywhere.

The general idea is that a user can tell WordPress that they are currently at their home IP address, and WordPress will then save that IP address along with a second password.

If the user logs in from a different IP address they must enter their normal password plus the additional password, which, in theory, should be different from the first. Obviously it shouldn’t be used with dial-up accounts, where the IP address changes with every connection.

My confusion is really over how useful this actually is. I don’t know how passwords are gathered. I would presume passwords are more vulnerable when logging on from a different computer, and in that case why wouldn’t they just gather two passwords instead of one? If you are in the database already then you can do what you want regardless, so it won’t stop that. Is there a situation where this would be useful?

You can download a copy of the concept plugin here.

To use it, log in as normal, go to your profile, and enter a password in the box at the bottom.
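To make the mechanism concrete, here is an added, illustrative re-implementation of the idea as a small WordPress plugin. It is not the concept plugin linked above and not the author’s code: the function names, the `hip_` meta keys and the form field names are this example’s own choices, and it assumes a WordPress with the three-argument `authenticate` filter (added well after this post was written). It stores only a salted hash of the second password, compares against `REMOTE_ADDR` rather than any client-supplied header, and shows the extra login field unconditionally so the form itself does not reveal whether the visitor is at the home address.

```php
<?php
/*
Plugin Name: Home IP Second Password (added example)
Description: Illustrative re-implementation of the idea in the post. Not the
author's plugin: all function names and meta keys are this example's own.
*/

// User-meta keys chosen for this example (hypothetical names).
define( 'HIP_META_IP',   'hip_home_ip' );
define( 'HIP_META_HASH', 'hip_second_pw_hash' );

// Address the request arrived from. X-Forwarded-For is deliberately ignored:
// it is client-supplied, so trusting it would let anyone claim the home IP.
// Behind a reverse proxy REMOTE_ADDR is the proxy itself, and this check
// is meaningless until the real client address is recovered in a trusted way.
function hip_client_ip() {
    return isset( $_SERVER['REMOTE_ADDR'] ) ? (string) $_SERVER['REMOTE_ADDR'] : '';
}

// Profile page: a tick box to record the current address as "home" and a
// field for the second password. Only shown to a user editing their own profile.
add_action( 'show_user_profile', 'hip_profile_fields' );
function hip_profile_fields( $user ) {
    $home_ip = get_user_meta( $user->ID, HIP_META_IP, true );
    wp_nonce_field( 'hip_save', 'hip_nonce' );
    echo '<h3>Home IP second password</h3>';
    echo '<p>Current home IP: ' . esc_html( $home_ip ? $home_ip : 'not set' ) . '</p>';
    echo '<p><label><input type="checkbox" name="hip_set_home" value="1"> Mark '
        . esc_html( hip_client_ip() ) . ' as my home IP</label></p>';
    echo '<p><label>Second password: <input type="password" name="hip_second_pw" '
        . 'autocomplete="off"></label></p>';
}

add_action( 'personal_options_update', 'hip_save_profile' );
function hip_save_profile( $user_id ) {
    if ( ! current_user_can( 'edit_user', $user_id ) ) {
        return;
    }
    if ( empty( $_POST['hip_nonce'] ) || ! wp_verify_nonce( $_POST['hip_nonce'], 'hip_save' ) ) {
        return;
    }
    if ( ! empty( $_POST['hip_set_home'] ) ) {
        update_user_meta( $user_id, HIP_META_IP, hip_client_ip() );
    }
    if ( isset( $_POST['hip_second_pw'] ) && '' !== $_POST['hip_second_pw'] ) {
        // Store only a salted hash, as WordPress does for the main password,
        // so reading the database does not yield the second password in the clear.
        update_user_meta( $user_id, HIP_META_HASH, wp_hash_password( $_POST['hip_second_pw'] ) );
    }
}

// Login form: extra field, always rendered so the form does not reveal
// whether the visitor happens to be at the home IP.
add_action( 'login_form', 'hip_login_field' );
function hip_login_field() {
    echo '<p><label>Second password (needed away from home)<br>'
        . '<input type="password" name="hip_second_pw" class="input" autocomplete="off"></label></p>';
}

// Priority 30 runs after WordPress's own username/password check (priority 20),
// so $user is a WP_User only when the normal password was correct.
add_filter( 'authenticate', 'hip_require_second_password', 30, 3 );
function hip_require_second_password( $user, $username, $password ) {
    if ( ! ( $user instanceof WP_User ) ) {
        return $user;                       // null or WP_Error: primary check failed
    }
    $home_ip = get_user_meta( $user->ID, HIP_META_IP, true );
    $hash    = get_user_meta( $user->ID, HIP_META_HASH, true );
    if ( '' === $home_ip || '' === $hash ) {
        return $user;                       // feature not configured for this account
    }
    if ( hip_client_ip() === $home_ip ) {
        return $user;                       // at home: the normal password is enough
    }
    $second = isset( $_POST['hip_second_pw'] ) ? (string) $_POST['hip_second_pw'] : '';
    if ( '' === $second || ! wp_check_password( $second, $hash, $user->ID ) ) {
        // One generic message for "missing" and "wrong", so the response does not say which.
        return new WP_Error( 'hip_second_pw', 'A second password is required from this address.' );
    }
    return $user;
}
```

To try it, set a second password and tick the home box from one address, then log in from another: the normal password alone is refused. Note what this does and does not buy you: both passwords travel in the same POST, so on a plain HTTP login a network sniffer captures both at once, which is exactly the worry raised in the post and in the comments below.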

Andrew Rickmann

Christoph, I agree with you. I have been learning a lot myself in just thinking about the subject.

It is certainly true that no plugin could ever be the silver bullet (or even a bit of one) if the server itself presents vulnerabilities.

The point you make about insecure networks is also a good one; it doesn’t really matter how many passwords you use if they can all be captured through the network. That was my main concern about this plugin. I’m not convinced it actually adds anything, except a misplaced sense of security, to the party. But it is worth exploring if only to confirm that.

I also think a lot of people are a little scared of using .htaccess for security because it feels like a solution that is out of their control, i.e. there isn’t any code to speak of, it just does it in the background.

I don’t think they should be, but the unknown is usually the scariest thing.

Christoph Voigt

The idea of the plugin isn’t bad, security always matters. However, I found that teaching how to work with things related to security generates far more security than just installing several plugins to “harden” WordPress (or any other web service, application, you name it).

In this case specifically: using .htaccess to restrict access to /wp-admin/ to a specific IP is definitely a security measure that makes sense, if you use a password file in a directory that is not accessible by a URL. Otherwise the hashed passwords can be cracked within minutes (depending on length and strength of the password). A good read is this: http://www.securityfocus.com/infocus/1368

Like I said, raising the level of awareness generates far more security than any super-duper plugin or security measure could probably do. For a start, I would not advise anybody to log into their website from a network you can’t trust in the first place (public hotspots, shared connections to the net, etc.). WordPress does not rely on SSL by default, so your password is moving through the network anyway, just waiting to be sniffed.

Also, hardening your WordPress install is not going to solve all your security problems. You have to keep WordPress up to date at all times, as well as your server OS, database software, web server, PHP, etc.

Security is more than something you can download and apply – you have to understand it first.
