Imagine a fine morning when you wake up from a nice sleep, freshen up and sit in front of your computer to check on your blog and find everything is gone. Isn’t that like a bad dream for you? What would you do if your blog got hacked or accidentally deleted by your web hosting provider? Are you ready for such situations? Are you aware of your WordPress Security or just leaving it to luck?
WordPress Security.. Prevention Is Better Than Cure
That’s actually what you should follow. Don’t let any intruder hack into your blog first off. If you don’t know how to prevent malicious attacks, I am going to let you know about three free plugins for WordPress that will make your blog more secure by removing known vulnerabilities and blocking future attacks.
1. BulletProof Security → This plugin protects your blog against various types of attacks such as XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. It adds security using .htaccess file therefore works only on Linux hosting environment. The security can be controlled via WordPress Admin making it easy to use even for novices. I recommend this plugin to my friends and clients whenever I have a chance.
2. Theme Authenticity Checker → Normally all the hackings are done by injecting malicious codes into the theme files. This plugin thoroughly checks every file in your blog’s theme folder and reports if any malicious codes found.
3. AskApache Password Protect → Why shouldn’t we add another level of security to the admin panel? Well, this plugin does exactly that. You can protect your ‘wp-admin’ directory with a secondary password that needs to be entered before accessing the admin login page with the help of this plugin. This plugin hasn’t been updated for long and WordPress is now showing a warning, but, the plugin still works.
Now let’s have a look at the other side.
Hope For The Best, But Plan For The Worst
That being said, after all those wordpress security measures, your blog got hacked, or the blog is deleted by your web host, what you will do? Bang your head against a wall? Or you are the one of us who takes regular backup of our blogs for critical situations like that? If not, you must read on. I am going to tell you how you can back up your blog automatically and have some peace of mind. I guess you already know the importance of having a backup as it is beyond the scope of this blog post to clarify.
Manual backups are always preferred, but just not possible to do every day. I therefore use two plugins that help me automate the process. If you are willing to spend money, I highly recommend VaultPress, a premium backup service from the developer of WordPress itself. If you are not and looking for free alternatives, here are two I recommend;
1. WordPress Backup To Dropbox → I am personally using it in addition to VaultPress. You just need to choose a day and time for the backup (in my case, every day at midnight) and the plugin will do the rest. It will automatically backup your files and MySQL database to DropBox. All you need to have is a free DropBox account (get one here if you don’t have already).
2. XCloner → XCloner can backup and restore files, folders and database within the WordPress installation. It offers manual as well as scheduled (automatic) backups. The feature that I like most is the ability to compress the whole backup in a single file. The thing I hate is that it stores the backup locally on your sever and you have to download it manually on your local machine.
Now you know how to fight your worst nightmare and prepared to avoid unwanted situations. If you have questions or doubt on WordPress security, just shoot a comment below and I’ll be glad to help.