Top 10 Security Tips To Safeguard Your Blog
Using our Top 10 Security Tips, this article is going to show you how to safeguard your blog against possible future attacks, from many of the more common online threats that wander the dark corners of the world wide web.
The title of this article may seem to be a little meladramatic or perhaps even scaremongering!
Nonetheless the fact does remain that whilst computers & their operating systems advance at an astounding rate, so do the abilities of those that would have your blog crashing to its knees.
Top 10 Security Tips
1. WP-Copy Protect
This plug-in will protect your blog content (posts) from being copied. A simple plug-in developed to stop the Copy cats. This is an excellent little plugin that not only disables right click, but also copy & paste via highlighting.
2. Restrict access to sensitive areas
This one was covered in a previous article; however it is well worth repeating for those that do not know about it, if you are using Linux hosting then there is the Apache htaccess file that is an excellent tool for restricting access to sensitive areas whilst still allowing access to the public areas of your blog.
3. Change Passwords Regularly
You should always change passwords regularly, at least once per month. The reason for this is a follow on from above, if someone is trying to hack your computer, they may not dedicate the whole 2071 hrs in one hit, in fact quite often it will be split up over a period of days or even weeks.
By changing your password regularly, if someone was indeed part way through trying to gain entry to your PC, it would mean they would have to start right from the beginning again, but more often than not they would give it up as a waste of time! If you are troubled by hackers then I would suggest changing your password weekly until they give up and move on.
4. Use Quality Passwords
Now I know many of you are giving a huge sigh at this heading, but you would be truly amazed at how many people just don’t quite get the meaning or relevance of a good password.
Basically by just using the lower case letters & a 4 character password, you have 26^4 or (26 x 26 x 26 x 26) = 456,976 possible variations, which for a password is pathetic!
However by using a mixture of lower case, upper case & numbers 0 – 9, we get 62 x 62 x 62 x 62 = 14,776,336 & just by adding 2 more character spaces to your password we then get 56,800,235,584 possible variations!
So my friends lets say the first example could be broken in 1 minute, the 2nd example would then take 32.5 minutes & the 3rd example would take a staggering 124295 minutes or 2071 hrs !
5. Storing Passwords Securely
Never store passwords on your computer & never allow IE8 or any other browser to store login details either to your blog or your hosting account. This also applies to your FTP client if you use one, do not store the login details, it is far safer to always type them in. The extra time taken is nothing when compared to rebuilding your blog.
If you must store your passwords anywhere, then store either on a removal pen drive or on your mobile phone under a heading that only you understand. At least that way you do not give access to anyone that steals your mobile!
6. Fast and Secure Contact Form
This contact form allows your visitors to send you a quick E-mail message. Spam is no longer a problem as this plugin includes a Captcha code and is Akismet compatible. It blocks all common spammer tactics, so prevents bots from trying hacking attacks using special characters to reveal blog details.
7. SI CAPTCHA Anti-Spam
This prevents spam & hacking attempts from automated bots by adding Captcha codes. This is great to help protect against password cracking because if set correctly you would also need to input the Captcha code at login as well as your username & password.
8. Regular Database Backups Are A Must
This is crucial to relieving stress & worry. Re-installing your blog software, can be done in a matter of 5 minutes or less. However if you lose your database then basically it is curtains for your blog or website, unless you are lucky enough to have saved copies of everything you have written & posted. Even so the work involved in doing a full rebuild can be more than the blog is worth & many people having suffered at the hands of a hacker will often give up at this point.
I am not saying do a full database backup daily, but if you write new posts daily then a weekly backup would mean just losing a handful of posts should the worst happen. It is also worth checking with your hosting company, because many will offer full daily backup for a nominal fee.
9. Paying Close Attention to Your Blog / Website
Yes you are probably sat there scratching your head over this one, but as with many virus or Trojan attacks, one of the first signs of a problem is a sudden & unexplained drop in performance or access time. If you experience this then run a full scan of your own PC immediately, check access times to other sites & if they seem fine then you need to go straight to your hosting account and check for any abnormal activity. Look for files or directories that should not be there, check your latest visitor report & access logs for any irregularities.
If someone is indeed trying to hack your site then you will spot it in either your access logs or especially your error logs, because each failed login attempt is recorded along with the IP address. Most all admin panels to host accounts have the ability to block access by IP address, so if you are indeed being attacked add the IP address to the block list.
10. Secure WordPress
This plugin is the final aspect of securing your blog. It has 8 available settings that should be checked in order to prevent unauthorized access to various areas of your blog. Follow the instructions on the 9th setting to be able to get a full security scan of your blog which is carried out by WordPress. This is ideal for highlighting any area you may have overlooked.
Summary
By following these simple top 10 security tips, you can rest easy knowing that you have done everything possible to safeguard your blog from many of the online global threats that may be encountered whilst browsing the Internet.
Republished by Blog Post Promoter
Related posts:
Posted by Steve (Admin)
on Dec 7 2011. Filed under Web Security.
You can follow any responses to this entry through the RSS 2.0.
You can leave a response or trackback to this entry
