Famous Bloggers

How To Blog and Start a Business

Home » The Famous Blog » WordPress Security To Save Your Blog Big Time

WordPress Security To Save Your Blog Big Time

- by

Imagine a fine morning when you wake up from a nice sleep, freshen up and sit in front of your computer to check on your blog and find everything is gone. Isn’t that like a bad dream for you? What would you do if your blog got hacked or accidentally deleted by your web hosting provider? Are you ready for such situations? Are you aware of your WordPress Security or just leaving it to luck?

WordPress Security

WordPress Security.. Prevention Is Better Than Cure

That’s actually what you should follow. Don’t let any intruder hack into your blog first off. If you don’t know how to prevent malicious attacks, I am going to let you know about three free plugins for WordPress that will make your blog more secure by removing known vulnerabilities and blocking future attacks.

1. BulletProof Security This plugin protects your blog against various types of attacks such as XSS, RFI, CRLF, CSRF, Base64, Code Injection and SQL Injection hacking attempts. It adds security using .htaccess file therefore works only on Linux hosting environment. The security can be controlled via WordPress Admin making it easy to use even for novices. I recommend this plugin to my friends and clients whenever I have a chance.

2. Theme Authenticity Checker Normally all the hackings are done by injecting malicious codes into the theme files. This plugin thoroughly checks every file in your blog’s theme folder and reports if any malicious codes found.

3. AskApache Password Protect Why shouldn’t we add another level of security to the admin panel? Well, this plugin does exactly that. You can protect your ‘wp-admin’ directory with a secondary password that needs to be entered before accessing the admin login page with the help of this plugin. This plugin hasn’t been updated for long and WordPress is now showing a warning, but, the plugin still works.

Now let’s have a look at the other side.

Hope For The Best, But Plan For The Worst

That being said, after all those wordpress security measures, your blog got hacked, or the blog is deleted by your web host, what you will do? Bang your head against a wall? Or you are the one of us who takes regular backup of our blogs for critical situations like that? If not, you must read on. I am going to tell you how you can back up your blog automatically and have some peace of mind. I guess you already know the importance of having a backup as it is beyond the scope of this blog post to clarify.

Manual backups are always preferred, but just not possible to do every day. I therefore use two plugins that help me automate the process. If you are willing to spend money, I highly recommend VaultPress, a premium backup service from the developer of WordPress itself. If you are not and looking for free alternatives, here are two I recommend;

1. WordPress Backup To Dropbox → I am personally using it in addition to VaultPress. You just need to choose a day and time for the backup (in my case, every day at midnight) and the plugin will do the rest. It will automatically backup your files and MySQL database to DropBox. All you need to have is a free DropBox account (get one here if you don’t have already).

2. XCloner XCloner can backup and restore files, folders and database within the WordPress installation. It offers manual as well as scheduled (automatic) backups. The feature that I like most is the ability to compress the whole backup in a single file. The thing I hate is that it stores the backup locally on your sever and you have to download it manually on your local machine.

Now you know how to fight your worst nightmare and prepared to avoid unwanted situations. If you have questions or doubt on WordPress security, just shoot a comment below and I’ll be glad to help.

About

A young Blogger and Internet Marketer from Kolkata, India.I blog about Blogging in my blog ItsAbhikDotCom. If you wanna know what Professional Blogging Model is, go read my eBook, ProBloggingModel which I offer for FREE to my subscribers.

Reader Interactions

Related Posts

{ 18 Responses }

  1. Abdullah says:
    When I first started my blogging career, I used Freshlife theme which was downloaded from internet for free. I do not know at that particular moment that theme contained a malicious malware code. I was so confused and scared about the virus which was displaying in webmaster tools. . Later I asked some of my fellow bloggers for help and then they introduced me TAC - Theme Authenticity Checker which indeed helped me in finding out the malicious code.
  2. Nickie Leaks says:
    Thanks a lot for this, I have been worrying my pretty little head off wondering what I would if something like this happens.
    • Abhik Biswas says:
      Glad you liked the post. It's always better to do something than not doing something at all.
  3. charansingh says:
    I have been studying up recently trying to put together a good security strategy for an existing site and it's beginning to feel a bit like trying to learn a new language. I'm hoping that I might be able to get a little advice from some WordPress experts on the matter. So far these are the plugins/services I am looking at: 1. Bulletproof Security Plugin 2. Better WP Security Plugin 3. Secure WordPress Plugin 4. Sucuri.net services 5. Website Defender's beta security service I am not someone who knows how to edit .htaccess files or coding or anything like that. I have done a few things already though like moving the wp-config.php file, deleting the readme.html/install.php files. I put a blank index.html file in the uploads directory. I'm also considering password protecting my admin folder through cpanel. That's about the extent of what I know how to do technically and honestly I don't even fully understand why I did these things, except that they were recommended to me by someone I trust.
  4. Ravinder Mehta says:
    Thanks for your informational post . m sure this blog post should be a must read post for all the newbie bloggers out there…
  5. Rajandran R says:
    Its will be a painful job if your blog size is very huge and got hacked and if you havent backup yet. Restoration of such a huge blogs will be really painful. Is there any methodology to overcome this problem as non of the WP Plugins are working in backup a big size blogs.
    • Abhik Biswas says:
      "non of the WP Plugins are working in backup a big size blogs" You really should try WordPress Backup To DropBox. It works flawlessly with much bigger blogs.
  6. Michael says:
    Hi Abhik, Thank you for bringing these plugin's to my attention. I went ahead and installed a couple of them right away. I also use "WP - Database Security" for security and WP-DBManager for backup. Thank you for the article and a happy new year to you. Regards :)
  7. Sai Kumar says:
    Hello Abhik Biswas, Great list of Security plugins bro. I almost use all the listed plugins expect AskApache Password Protect to secure my WordPress blog. Thanks for sharing!
    • Abhik Biswas says:
      You are welcome, Sai.