Home » Web Security » Online Global Threats


Online Global Threats


Posted by admin on Dec 18th, 2009 // Leave A Comment

Online Global Threats - Top 10 Security Tips

  

My Blog Review Online Global Threats Blog Protection

This article is going to try and help you secure your blog or website against future attacks from many of the online global threats that wander the dark recesses of the internet. 

The title of this post may strike you as slightly meladramatic or indeed scaremongering! Nevertheless the fact remains that whilst computers & operating systems advance at an astonishing rate,  unfortunately so do the abilities of those that would have your blog or website crashing to its knees.

  

1. Passwords

  

Now I know many of you are giving a huge sigh at this heading, but you would be truly amazed at how many people just don’t quite get the meaning or relevance of a good password.  

Basically by just using the lower case letters & a 4 character password, you have 26^4 or (26 x 26 x 26 x 26)  = 456,976 possible variations, which for a password is pathetic!  

However by using a mixture of lower case, upper case & numbers 0 – 9, we get  62 x 62 x 62 x 62 = 14,776,336 & just by adding 2 more character spaces to your password we then get 56,800,235,584 possible variations!  

So my friends lets say the first example could be cracked in 1 minute, the 2nd example would then take 32.5 minutes & the 3rd example would take 124295 minutes or 2071 hrs ! 

 

2. Change Passwords Regularly

  

You should always change passwords regularly, at least once per month. The reason for this is a follow on from above, if someone is trying to hack your computer, they may not dedicate the whole 2071 hrs in one hit, in fact quite often it will be split up over a period of days or even weeks.  

By changing your password regularly, if someone was indeed part way through trying to gain entry to your PC, it would mean they would have to start right from the beginning again, but more often than not they would give it up as a waste of time! If you are troubled by hackers then I would suggest changing your password weekly until they give up and move on.  

 

3. Storing of passwords

  

Never store passwords on your computer & never allow IE8 or any other browser to store login details either to your blog or your hosting account. This also applies to your FTP client if you use one, do not store the login details, it is far safer to always type them in. The extra time taken is nothing when compared to rebuilding your blog or website.  

If you must store your passwords anywhere, then store either on a removal pen drive or on your mobile phone under a heading that only you understand. At least that way you do not give access to anyone that steals your mobile! 

 

4. Regular Backups of Your Database

  

This is crucial to relieving stress & worry. Re-installing your blog software, can be done in a matter of 5 minutes or less. However if you lose your database then basically it is curtains for your blog or website, unless you are lucky enough to have saved copies of everything you have written & posted. Even so the work involved in doing a full rebuild can be more than the blog is worth & many people having suffered at the hands of a  hacker will often give up at this point.  

I am not saying do a full database backup daily, but if you write new posts daily then a weekly backup would mean just losing a handful of posts should the worst happen. It is also worth checking with your hosting company, because many will offer full daily backup for a nominal fee.

 

5. Paying Close Attention to Your Blog / Website

  

Yes you are probably sat there scratching your head over this one, but as with many virus or Trojan attacks, one of the first signs of a problem is a sudden & unexplained drop in performance or access time. If you experience this then run a full scan of your own PC immediately, check access times to other sites & if they seem fine then you need to go straight to your hosting account and check for any abnormal activity. Look for files or directories that should not be there, check your latest visitor report & access logs for any irregularities.  

If someone is indeed trying to hack your site then you will spot it in either your access logs or especially your error logs, because each failed login attempt is recorded along with the IP address. Most all admin panels to host accounts have the ability to block access by IP address, so if you are indeed being attacked add the IP address to the block list.

 

6. Restrict access to sensitive areas

  

This one was covered in a previous article; however it is well worth repeating for those that do not know about it, if you are using Linux hosting then there is the Apache htaccess file that is an excellent tool for restricting access to sensitive areas whilst still allowing access to the public areas of your blog.

 

These last 4 are Wordpress specific, however I am sure that any other decent blogging platforms would provide similar plugins.

 

7. Fast and Secure Contact Form

  

This contact form allows your visitors to send you a quick E-mail message. Spam is no longer a problem as this plugin includes a Captcha code and is Akismet compatible. It blocks all common spammer tactics, so prevents bots from trying hacking attacks using special characters to reveal blog details.

 

8. SI CAPTCHA Anti-Spam

  

This prevents spam & hacking attempts from automated bots by adding Captcha codes. This is great to help protect against password cracking because if set correctly you would also need to input the Captcha code at login as well as your username & password.

 

9. WP-Copy Protect

  

This plug-in will protect your blog content (posts) from being copied. A simple plug-in developed to stop the Copy cats. This is an excellent little plugin that not only disables right click, but also copy & paste via highlighting.

 

10. Secure WordPress

  

This plugin is the final aspect of securing your blog. It has 8 available settings that should be checked in order to prevent unauthorized access to various areas of your blog. Follow the instructions on the 9th setting to be able to get a full security scan of your blog which is carried out by Wordpress. This is ideal for highlighting any area you may have overlooked.

 

Summary

  

By following these simple top 10 security tips, you can rest easy knowing that you have safeguarded your blog from many of the online global threats that may be encountered whilst browsing the Internet.

Steve Nickson | Create Your Badge
Facebook Badge

Related posts:

  1. Online Safety – Phishing Attacks
  2. Global Translator Plugin
  3. Blog Security – Spammers & Hackers
  4. FormBuilder WP Plugin
  5. Wordpress Plugin – Contact Form
Tags: , , , ,

You Comment & I Will Follow..?


If you enjoyed this post, then why not help us promote it by using the social buttons above ?


By commenting in this blog, you agree to abide by our Comments Policy.

Copyright © 2009 - 2010 · My Blog Review · All Rights Reserved · Redesigned by M.B.R · Powered by WordPress