You should: Change the default user name directly in the database. Put files that contain login credentials outside your webroot. Don’t allow writable directories. (With details….) Don’t allow users to upload anything. Sorry. Avoid toxic data. Patch like mad. Use a security notification plugin like Sucuri (and actually pay attention). Change your username if the …
Continue reading “[ Security for Web Developers ] :: 16: Best Practices”