Comments on: Don’t forget to add a SECRET_KEY to WordPress http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/ The most useful SEO and monetization tips I can find Fri, 21 Nov 2008 18:19:17 +0000 http://wordpress.org/?v=2.6.3 By: Elaine Vigneault http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-303 Elaine Vigneault Tue, 29 Apr 2008 05:55:00 +0000 http://www.mickmelseo.com/?p=73#comment-303 Thanks :) I needed that reminder. Thanks :) I needed that reminder.

]]> By: Mickey http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-301 Mickey Mon, 28 Apr 2008 19:42:31 +0000 http://www.mickmelseo.com/?p=73#comment-301 I would guess they always hope that it's wrapped in Kevlar (especially if they call it a "secure" release), but people will eventually find a hole. If nothing else, this should say "Don't mess with the cookies -- you're not getting in. Look elsewhere." I really don't know enough about security to fully understand it. However, if it makes WordPress 0.1% more secure, then I'm all for it. Getting hacked just makes for a bad day. I would guess they always hope that it’s wrapped in Kevlar (especially if they call it a “secure” release), but people will eventually find a hole. If nothing else, this should say “Don’t mess with the cookies — you’re not getting in. Look elsewhere.”

I really don’t know enough about security to fully understand it. However, if it makes WordPress 0.1% more secure, then I’m all for it. Getting hacked just makes for a bad day.

]]> By: David Bradley http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-300 David Bradley Mon, 28 Apr 2008 19:39:35 +0000 http://www.mickmelseo.com/?p=73#comment-300 Point taken, but if the vulnerability has wrapped in Kevlar, then a strip of duct tape over the top ain't gonna bolster your defenses. Of course, if the new 2.5.1 security is just wads of duct tape, then some extra bullet proofing will be welcome. I've implemented the tip regardless, but then I have been known on occasion to tie a double bow in my running shoes too ;-) db Point taken, but if the vulnerability has wrapped in Kevlar, then a strip of duct tape over the top ain’t gonna bolster your defenses. Of course, if the new 2.5.1 security is just wads of duct tape, then some extra bullet proofing will be welcome. I’ve implemented the tip regardless, but then I have been known on occasion to tie a double bow in my running shoes too ;-)

db

]]> By: Mickey http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-298 Mickey Mon, 28 Apr 2008 19:33:53 +0000 http://www.mickmelseo.com/?p=73#comment-298 David - That's my understanding, yes. However, isn't a bit of redundant security a good thing, especially on something that people work so hard to crack? David - That’s my understanding, yes. However, isn’t a bit of redundant security a good thing, especially on something that people work so hard to crack?

]]> By: David Bradley http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-297 David Bradley Mon, 28 Apr 2008 19:31:03 +0000 http://www.mickmelseo.com/?p=73#comment-297 If I read you correctly and version 2.5.1 is secure, then isn't adding the secret key redundant? db If I read you correctly and version 2.5.1 is secure, then isn’t adding the secret key redundant?

db

]]> By: Paula Hawk http://www.mickmelseo.com/20080428/dont-forget-to-add-a-secret_key-to-wordpress/#comment-296 Paula Hawk Mon, 28 Apr 2008 19:14:42 +0000 http://www.mickmelseo.com/?p=73#comment-296 Thanx for this post - I'm so slow on updating and things on my personally hosted sites, this could have caused me BIG problems! :) Thanx for this post - I’m so slow on updating and things on my personally hosted sites, this could have caused me BIG problems! :)

]]>