Securing Our Blogging

Ever since Matt blogged about secure blogging on wordpress.com I have really had it in the back of my mind that maybe I should entertain thinking about doing something myself.   That article linked to some work that Ryan had done on securing wordpress using ssl.    There were some mixed results on that plugin, but it was a big step forward for those that required more security with ssl on Wordpress.

Personally, I spend a great deal of time on the road and find myself using public internet.    Without refraining from blogging, there was no real way to protect myself from password scrapers and packet sniffers.   It generally isn’t a large issue for people and there are many ways to secure your wordpress, but it seemed like a pretty good idea to look at ssl for logging in and the admin area.

There were quite a few things to look at when thinking about why I would setup ssl and how to do it.   First off, running WPMU would require wildcard ssl so that all domains would be covered.   As well, it would require some changes to plugins and such, but that went well.    Another thing I needed to cover as installing the ssl certification, but google is always your friend and installing on PLESK was actually extremely simple.

The plugin I decided on was from Haris.tv and it was as simple as putting into the mu-plugins folder and it works.   It is based off the work I referenced earlier from Ryan and is a way to protect the login, the admin and some other goodies.    The entire process required some thinking and I just wanted to share what I was doing in case you think about this process for yourself.