I’ve used Better WP Security on my other non-CBox sites with good success. There are, however, plenty of settings that give warnings of conflicts with some themes and plug-ins. Has anyone compiled a list of Better WP Security settings that are known to be a problem with CBox-recommended plug-ins or themes? Is there a better security option for CBox I should be aware of?
This begs the more general question… just how secure is CBox in general? I have enabled the function that causes the site to be visible to logged in users only, but I wonder how secure that gate actually is… have there been any exploits to get past it that we know of? If it’s purely a question of a bot guessing user names and passwords until the cows come home, something like Better WP Security should do a decent job of shutting them down. But I still wonder how confident I should feel about content behind the login page being kept safe from prying eyes. I’m not going to keep a master list of passwords for bank accounts back there, but I’d like to feel somewhat confident that discussions of a sensitive nature aren’t going to be seen without a significant and directed attack.
I know this is a ‘how long is a ball of string’ question, but wonder if there are any comments?