You could password protect your public_html folder using a .htaccess file, obviously meaning only users that know the password could gain access to your blog. But I just installed a test wordpress blog under a different directory, for instance: domain/test/wp/ and tweak my templates from there. When I’m satisfied with a template I will move it to my primary blog and go from there.

There’s a plugin which only lets registered/logged in users view your site -> http://blog.taragana.com/index.php/archive/angsumans-authenticated-wordpress-plugin-password-protection-for-your-wordpress-blog/

Or if you just want to hide your site from prying eyes – put a page called index.html with ‘coming soon’ or similar in your wordpress root folder, and that will load up by default instead of index.php. This method isn’t foolproof but it’s quick and works for me!(You have to remember to temporarily point your homepage links to the php and not html page though)

Here’s the one I’m working on at the moment:

http://www.paulryding.com (old site still shows)
http://www.paulryding.com/index.php (new site – but i’ve had to make the homepage button link to index.php)

755? Shouldn’t that be 775? (assuming, that is, the directories in question are gid ‘www’ or ‘apache’ or whatever)

No, and yes —

No, its 755 or lower IF your server is running phpsuexec. Otherwise, the server cannot write to the directory. The server runs as ‘nobody’ or ‘www’ or ‘apache’ or some such — not ‘root’ and not your uid. If the directory is set to the same group as the server, and group-writable, then the server can write to it.

Yes, it is *much* more secure to use phpsuexec (assuming you are on shared hosting) By making a directory 775, other users might(could) be able to write to it, via *their* cgi scripts.

Most ISP’s batton down what they can (php for example, can be restricted), and most people who pay for hosting are not going to go hacking, given that they are known by the hosting company. But still….

EDIT: (realized i was talking too much ‘geek’, so will add a touch of clarification, for any reader who is confused by chmod)

In the number, say, 750, the first ‘7’ applies to the user, the middle number (‘5’) applies to a group of users [each user belongs to one or more groups], and the last number (‘0’) applies to everyone else.

The numbers themselves are formed by adding:

+1 == execute (or access a directory)
+2 == write
+4 == read

So, 750 means the owner can read/write/execute, anyone in the file’s group can read/execute, and everyone else is out of luck

np!

Is 775 secure? No, not very at all — consider for a moment the file ‘wp-config.php’. The one that holds your database password…it should (ideally) to 600, so that not even apache can read it (if apache can read it, then [maybe] other users can too)

I’ve recently signed on to dreamhost.com (two weeks ago — not long enough to vouch for their service, but long enough to vouch for their offering). They run phpsuexec, and have WordPress one-click-install, and more (MUCH MUCH more).

http://wiki.dreamhost.com/
http://discussion.dreamhost.com/

(forums — so you can see the good AND the bad)

On the other hand, customer service seems vital (for the sake of your client) — and if podz can vouch for that, you might just want to go with site5.

PS: (if you DO decide to sign up [with dreamhost], you might want to know about their affilate program. It uses promotional codes, the “enter this code when you sign up and get $50 off” You can spot them in some signatures on the discussion board)