I seem to keep coming across various and sundry tweets, posts, and other references to security issues and attempts to “brute-force” access to self-hosted WordPress installations. The following is something I recommend if you have any concerns … or maybe just feeling a bit paranoid.
I call it Tri-Account Security ™. The idea is actually very simple and quite easy to implement. All it really requires is forming the habit of using three (3) separate accounts, each with their own specific purposes.
Let me break them down for you:
- The Primary Administrator
- The Primary Editor
- The Primary Contributor
Actually you can have as many contributor accounts as you like with this system, but you should have at least one for this to work best. Let me explain how I recommend using these accounts.
The first account, The Primary Administrator, is the installation account. This account is just for the purpose of doing the installation. This account is also the one to use for upgrading; adding new themes; or, adding new plugins. Make the name relatively obscure; and, make the password very, very strong (not too strong to forget, but very difficult to guess … by human or machine). Also, never post with this account … ever!
The second account, The Primary Editor, is your publishing account. I would suggest a more common user name with a strong password; this account will be used to actually post content to your site. Although you shouldn’t normally need to actually post with the account it’s generally fine to do so.
The third account, The Primary Contributor, is your public facing account. Use a simple username, one that makes sense to see in the post meta details, such as the commonly used “posted by …” text. Also note this username, like all usernames in a default installation will appear as part of the author URL in a browser’s address bar. The password for this account can be simple, but should still be “strong” … but if someone breaks into it they really will not have that much access to anything so you can feel secure in making it very easy to remember.
Aside from the “strength” of the passwords recommended for each account above, I will not be going any further into their creation in this post (but maybe I’ll write one down the road) except to make one final suggestion for creating a strong password: use an appropriate amount of common words, or phrase, (without spaces) perhaps five (5) for the Administrator, four (4) for the Editor, and three (3) for the Contributor.
Now that we have the three accounts with a basic premise for each set out, let’s have a look at actually putting them to use in a couple of examples.
Log in with your Contributor account and write the greatest post ever written … no really, go for it! I’ll wait …
OK, now that we have the post written, and you have clicked the “Submit for Review” button (notice how it does not say “Publish”); log out and log back in with your Editor account. Once logged in with your editor account, navigate to the Posts > All Posts Administration Panel and locate your greatest post ever (it should be at or near the top of the list, remember it’s great; you would expect it to be lost at the bottom of the page?!)
Now either using “Edit” or “Quick Edit” you can change the post from “pending review” to “published”… and now the greatest post ever written is available for the world of the Internet to read. Congratulations!
You may also notice the only author information readily available will be your Contributor ID; or in other words, your pen name … and therefore protecting the identity of both your Administrator account and your Editor account.
You are about to write the second greatest post ever written (you did follow Example 1, right?) but notice there is an update that needs to be addressed. As a Contributor you really have no control whatsoever over the WordPress installation, its management, or its administration.
Oh, administration … we have an account for that. Simply log out of your Contributor (or Editor) account, and log back in with your Administrator account. Perform any updates and/or maintenance. Log out. Done!
Now, log back into your Contributor account and get back to writing the second greatest post ever written …