Simple Measures to Improve the Security of Your Blog
Over the last few months there has been a lot of talk about wordpress blogs being hacked into and even my Internet mentor, Alex Jeffreys has had his blog hacked.
Many people who use blogs have no idea how and why people hack into these blogs.
There are a number of reasons, mainly i believe at the moment is to send traffic to, get paid to visit sites.
If your blog is hacked they may deface it or delete some or all of the content.
The hackers may even install some sort of malware that installs on the computers of your blog’s unsuspecting visitors.
Traffic to your blog can also plummet and Google can remove your blog from their search engine results.
It does not matter what software you use there is no software with no security holes.
Things you can and should do:
1. You need to ftp or use your cpanel to go to your blogs plugin folder, this will be inside your wp-content folder. In the plugin folder you need to create a blank index.html file, this will stop some hackers from seeing what plugins you have, and then looking for the security holes for the plugin you have installed.
2. Make sure you upgrade to the latest version of wordpress and update all your plugins.
3. Password protect your wp-admin directory then any attempt to directly load a page from that directory will cause a “401 Unauthorized” error unless a specific user name and password combination is supplied. This is not the same log in details as your WordPress user account, you are making an extra one.
This can be done by using your cpanel and click on the folder password protect directorys and click on the wp-admin directory and enter a username and password. Now when you log in you should have to enter 2 sets of passwords and usernames. Its a bit more time to do but if your blog gets hacked, you will be spending a lot more time sorting out the mess that is left behind.
4. Back up your posts and comments, go into your wordpress dashboard and go to settings click on tools then export. When you click on this button wordpress will create an XML file for you to save to your computer. This format, which we call wordpress eXtended RSS or WXR, will contain your posts, pages, comments, custom fields, categories, and tags. Once you’ve saved the download file, you can use the Import function on another WordPress blog to import this blog.
5. Back up your database ! If you don’t know how to backup your MySQL database, find out how how
to do it.Google it.
This is what i did, i am using phpMyAdmin 184.108.40.206 yours may be the same. Go to your cpanel, then down to phpMyAdmin: click this and once the page loads, click your database name on the left sidebar It may look like wrdp1. Then click on the export tap on the top of the page, you should not have to change any settings.
A new page will be displayed, first line on this page should read: phpMyAdmin SQL Dump. Highlight all this page and copy this and past this into a .txt file and keep this safe. In the event you need ti recover your blog you can use the import tab in your phpMyAdmin panel.
I am no security guru, I am just offering free advice that i use to boost the security of my wordpress blog.
The advice here and password protection is not 100% foolproof.