This post was inspired by Tinh from AZBlogTips, whose blog was recently hacked. He now has everything back to normal, but I’ve got to say… It was a hell of a ride! So, let’s get started and make your blog hacker proof.
You wake up one morning, go online to check your stats and see if you made some dough overnight, and all you find out is that your website is…
And not only that, your database is messed up, your graphics are gone, and your blog is all scrambled up…
The answer is easy. You got hacked!
Now, I know the feeling of losing something you’ve worked on for years, and that’s why I decided to tell you about a few things you can do to make sure your blog is completely secure and hacker free.
1. Don’t use free themes if…
…you don’t know where they’re from.
It’s really easy for a hacker to code a website theme in a way that when you install it, it’ll execute commands that will leave your blog wide open for that hacker to mess around with.
You won’t even notice it before it’s too late.
Of course, there are many great and free themes available online, and as long as you know that whoever puts them out is legitimate and trustworthy, you’ll be just fine.
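One way to check a downloaded theme before you activate it, as an added example that is not part of the original post: a small Python script that flags PHP lines using constructs commonly found in backdoored themes. The pattern list and the sample theme files are constructed for illustration; a hit means "read this line yourself", and a clean result is not proof that a theme is safe.

```python
import re
import tempfile
from pathlib import Path

PHP_SUFFIXES = {".php", ".inc", ".phtml"}

# Constructs often seen in backdoored themes (an assumed starter list).
# Each one also has legitimate uses, so treat a hit as a prompt for review.
SUSPICIOUS = {
    "eval": re.compile(r"\beval\s*\("),
    "obfuscation": re.compile(
        r"\b(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\("),
    "shell command": re.compile(
        r"\b(system|exec|shell_exec|passthru|popen|proc_open)\s*\("),
}


def scan_theme(theme_dir):
    """Return (relative path, line number, label) for each suspicious line."""
    root = Path(theme_dir)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in PHP_SUFFIXES:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), start=1):
            for label, pattern in SUSPICIOUS.items():
                if pattern.search(line):
                    findings.append(
                        (str(path.relative_to(root)), lineno, label))
    return findings


def demo():
    """Scan a constructed two-file theme written to a temporary folder."""
    with tempfile.TemporaryDirectory() as tmp:
        theme = Path(tmp)
        (theme / "index.php").write_text(
            "<?php get_header(); the_content(); ?>\n")
        (theme / "footer.php").write_text(
            "<?php wp_footer(); ?>\n"
            # Constructed sample: the string decodes to a harmless `echo 1;`
            '<?php eval(base64_decode("ZWNobyAxOw==")); ?>\n')
        return scan_theme(theme)


if __name__ == "__main__":
    for path, lineno, label in demo():
        print(f"{path}:{lineno}: {label}")
```

To check a real download, unzip the theme into a folder and pass that folder to `scan_theme()`.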
2. Always upgrade your WordPress installation.
This is another very important point to consider. WordPress gets upgraded constantly, and one of the reasons why that’s the case is to make sure that your installation is as protected as possible.
All it takes to upgrade to the newest version is just a few clicks, really.
Sometimes, especially when you have a lot of content up already, you might feel that you’ll run the risk of losing it if you upgrade your installation. Just back everything up before you do it, and you won’t have any problems.
3. Use a strong password…
…and don’t forget to change it frequently.
This is very basic, and you probably already know about it, but you’d be shocked if you knew how many people use the exact same passwords for everything they do online. They have one master password and just use it for all their sites, email and FTP accounts, bank accounts…everything.
Crazy, I know, but it’s true.
4. Use plug-ins that’ll keep you safe.
There are many plug-ins you can set up that will make it difficult for hackers to get into your site. Here’s a quick rundown of some of the most important ones out there:
- Stealth Login
This is a very cool plug-in that will do two things for you:
– It’ll make it possible for you to set up the login URL for your blog to be anything you want, so instead of going to www.yoursite/wp-admin to log in, you’ll be able to change it to something a little less obvious.
– Another thing that plug-in does is hide your login URL, so that it’s going to be really complicated for a hacker to actually find out where they need to log in, even if they figure your password out.
This plug-in will let you set the number of times a user on your site can attempt to log in before their account is blocked. Then, if they still want to log in, they’ll have to ask you for help, or request a new password.
This is an awesome option if your site is getting attacked by malicious software that attempts to log in before doing anything.
This plug-in works just like User Locker described above.
SpiderSquash will determine whether your site is being accessed by a legitimate user or a bot that tries to post spam, harvest email addresses or even destroy your site entirely.
Just as the name suggests, this plug-in will encrypt your WordPress password by using both DES and RSA.
Another plug-in that will encrypt your password, but this one will use the CHAP protocol to do that.
If you tend to log in to your WordPress sites at public places, such as Internet cafés, you run the risk of having your password stolen, unless…
…you use this plug-in!
This little thing will let you log in to your site using a password that’s good for just one session, so, even if someone grabs it after you use it, it’ll simply be good for nothing…
So, there you have it!
Those few simple things, if you put them into action, will make it possible for you to make sure that your site is hacker free and safe. Of course, if a hacker is very persistent, they’ll be able to get in, but those tips will make it extremely difficult for them.
The one thing I do want to say to you before we split is that no matter what, you should get into the habit of backing your site up frequently. If you do that, even if it’s hacked, you’ll be able to restore it back to normal with just a few clicks of your mouse.
It’s easy and quick, so, as the shoes say… Just Do It!