Did you hear on the news where government websites are getting hacked? It’s pretty scary, isn’t it?
But what about us bloggers? Are we in danger, too?
Some say “No. Who would want to mess with us?”
But the truth is, blogs get hacked on a regular basis.
Knowing this, I’ve asked John Hoff of WpBlogHost if he would share with us a few simple steps we can take to make our blogs a little more safe.
With this being such an important lesson, let’s not waste any more time.
Please take your seats as I turn the classroom over to John.
The floor is yours.
Hello class, my name is John Hoff and I will be your substitute teacher today.
Mrs. Funster, I’ve heard about you and your bra flingin’ activities, so I’ll be watching you!
Do you ever put something off which you know is important and you know you need to do but it goes on the back burner because you don’t know enough about it?
Perhaps you don’t think you have the time to figure it out?
Or maybe the subject simply isn’t “fun”, and who likes to do stuff that’s not “fun”?
But if you stop for a moment and think about how many long hours, days, months, and even years of blood, sweat, and tears you’ve put into making your blog what it is today, imagine the gut wrenching, blood pressure boil you’d get if one day a friend emailed you letting you know your site has downloaded an evil virus to their computer.
Geared up to see what’s going on, you fire up your computer’s Anti-Virus and firewall and nervously enter your site’s URL in the address bar and hit “enter”.
But wait. Your site isn’t there. It’s been replaced with a notice. A notice from Google telling those who come to your site that your site appears to be downloading viruses and as a result has been removed from Google’s index.
All of a sudden the world around you becomes silent and time comes to a screeching halt.
By the way, this situation really happened to a customer of mine. It was only after they were hacked that they realized the importance of protecting their blog from malicious jerks who could care less what you blog about or how badly this could hurt you.
Security Plugins For WordPress (it only takes 7 minutes)
There are lots of ways to secure your blog, some more complicated, some very easy. Most bloggers know how to upload and install plugins, so let’s look at 4 plugins that will cover both awareness and security.
1. Login Lockdown
The Login Lockdown plugin is simple to install and will protect your blog’s front door (the login page) from intruders trying to guess your password by running a brute force password discovery program.
2. WordPress Firewall
SEO Egghead released an excellent plugin called simply, WordPress Firewall Plugin. This is a powerful firewall plugin which guards your blog against such things as SQL Injection attacks. It will even email you when it detects a possible attack. Make sure to whitelist your computer’s IP address so the plugin doesn’t think you’re an intruder.
To discover your computer’s IP address, visit What Is My IP Address? And if you’re curious what kind of email the plugin will send you should it encounter a possible attack, click here to see a screen shot of several attacks it thwarted from some person in China trying to hack my blog.
3. Exploit Scanner
The WordPress Exploit Scanner by Donncha O Caoimh, you know, the guy who created the WP Super Cache plugin, will scan your files and database for possible insertions of malicious code. Part of the battle with securing your blog is also knowing when you’ve been hacked.
4. Bluetrait Event Viewer (BTEV)
Bluetrait Event Viewer (BTEV) is a plugin that monitors events that occur in your WordPress install so you can track such things as who’s logging in and out, what plugins have been deactivated/activated, what programs have been uploaded, etc. You can even lock down this plugin so people cannot deactivate it, even if they have access to your dashboard.
Stop for a moment and think how important your blog’s security is to you. Is it worth 7 minutes of your time?
Do you think your site isn’t a target because you blog about things no one would really care about? Or do you think any and all blogs are targets?
If your blog’s security is important, what steps are you going to take today to ensure you’ve increased your protection?
Questions or concerns?
Please raise your hand and let’s talk about it.
John Hoff heads up the blog services department and is the Blog Editor for WpBlogHost, a site which offers blog hosting, WordPress tutorials, and various blog related services (upgrades, security enhancements, etc.).
You can also find John on Twitter micro-blogging about topics you see in his avatar. When asked what he does for WpBlogHost, his response is typically “I stand behind our blog customers and make myself available for help when they need me.”