Congratulations, you’ve just installed Wordpress.  What next?  Before you start customizing and writing posts, here are a few things you can do to improve and secure your WordPress installation.

1. Disable HTML in Comments
   If you do not want your users styling their comments, or spamming them with links, you can add this line of code to your functions.php file:

   add_filter( 'pre_comment_content', 'wp_specialchars' );

2. Remove WordPress version from the source code
   Anyone can view the source code of your website.  In most cases, your header.php file will contain the version number of your current installation.  To have it automatically removed, add this to your functions.php file:

   remove_action('wp_head', 'wp_generator');

   This prevents any hackers from targeting the flaws and bugs of a specific version of WordPress to hack your website.

3. Edit Permalink Structure
   Set your permalinks to include the post’s title.  This not only makes your URL more readable, but is also a great technique for Search Engine Optimization.
4. Activate Akismet
   It doesn’t matter who you are or what your blog is about, spammers will find it and they will leave spam comments.  Luckily, WordPress comes with a decent spam blocker, Akismet.  To activate it, you’ll need to get a WordPress API key.  Simply register for one on WordPress.com.  Once you have the key, activate the plug-in and enter the key.
5. Implement a backup schedule.
   No server is ever 100% reliable.  Be proactive and make a schedule to export your site’s posts, pages, comments, custom fields, categories and tags just in case anything should happen.  The more frequent you post, the more frequent you should backup.  To run the export, go to Tools ->Export.  Keep this file safe and secure off your web server.

That’s it for now.  Be sure to check back for more tips, tricks and hacks as WordPress Dudes gets underway.  Thanks for visiting!