How To Protect Your WordPress Blog From Hackers

That awkward moment when you wake up and hit the URL of your blog, only to find a gigantic banner slammed in your face, notifying you that the precious blog in which you have invested a fortune has been hacked. I know that feeling; I have been there before. It’s the worst thing that can happen to any blogger. Whether you are a problogger or an amateur blogger, anything of this nature will rip down your muscles.


Statistics show that thousands of blogs running on the exciting WordPress platform have been hit by hackers waiting to soil your hard work. What do you do? Do you just sit there and wait till you get the hammer? No! You will have to secure your WordPress blog and make sure their effort is frustrated. I will walk you through some very important steps to ensure that hackers find it extremely difficult to access your blog and give up entirely.

5 Tips To Protect Your Blog From Hackers
1. Good Host
The first thing you might want to think about while attempting to secure your blog is how secure your host is. If your host is one of those cheap hosting companies flooding cyberspace with fake offers, then I am sorry, you might not need to read the rest of this article, because even if you implement everything in it on a poor host, you will still get hit by hackers.

Any hacker who can gain access to your host’s back-end can do whatever he pleases to any website hosted by the company. Always go for the best; it might be expensive, but it’s worth your penny. I am not insisting that you must choose the most expensive host out there. There are a lot of good hosts available at very affordable prices. You can do an extensive review of some of them and decide if you need to change your host.

If your blog is already hosted by a hosting company, do well to find out more about them if they are not one of the well-known ones. Find out about their business model and what measures they implement to ensure security.


2. Delete Admin Profile
With the exception of finding a good host, deleting the “Admin” username of your blog is the most important step. By default, the WordPress installation completes and gives you the username “Admin”, with the option to choose your password. If you leave your WordPress blog in this default state, you make it very vulnerable to hackers.

The point is this: many of these hackers love blogs with the “Admin” username, as it leaves them very little work to do before they gain access to your blog. All they have to do is crack your password and they are in. Once this happens, they take total control of your blog, deleting and adding whatever content they like.

It is best practice to create a new administrator profile, with a new username (not admin) and a very strong password. After you create the new profile, delete the default admin profile with the “Admin” username.

Hint: How To Create a New WordPress Admin Profile
1. Navigate to the WordPress Dashboard.
2. Locate Users, Add New.
3. Fill in the details and ensure the “Administrator” role is selected.
4. Save and go back to the “Users” page.
5. Delete the default “Admin” profile and tick the option to transfer all posts to your newly created Administrator. This prevents any content previously published by the profile from being deleted.

3. Updates

It is important to always work with the latest version of WordPress. Whenever you see an update notice, ensure that you update as soon as you can. WordPress releases constant updates to combat security lapses, so by updating your WordPress blog you also fix the security holes in your blog.

Meanwhile, before updating to any version of WordPress, ensure that you have a recent backup of your blog, because the update might break some portion of your theme. It is unlikely to happen to you, but it’s better to have a backup so you can always revert should anything happen.

Plugins are no exception. Always update your plugins whenever there is an update. Hackers can use old plugins that have not been updated in a while to gain access to your blog.

4. Check Theme For Malicious Code
To be in total control of your WordPress blog, you have to ensure that your current theme has no malicious code. If you are using a nulled WordPress theme or a free template, you are at greater risk of being hacked. If it doesn’t happen now, it will still happen sometime in the future.

How Do I Check For Malicious Code?
Kindly follow this guide on how to check for malicious code. It is easy to implement and helps you stay safe.

Now, if you are using a free WordPress template, always verify the source, and if you suspect anything like link stuffing, it is better not to use it, no matter how well it suits your taste.
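As a first pass before a manual review, the script below walks a theme folder and flags the two things this tip warns about: obfuscated code and hidden links. It is an added example, not part of the guide mentioned above; the patterns are heuristics chosen for illustration, and the sample theme and spam.example URL are constructed.

```python
import re
import tempfile
from pathlib import Path

# Heuristic patterns chosen for this example; a clean result is not proof of a clean theme.
SIGNATURES = {
    "obfuscated-eval": re.compile(
        r"\b(eval|assert)\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I),
    "hidden-link": re.compile(
        r"(display\s*:\s*none|visibility\s*:\s*hidden)[^>]*>\s*<a\s[^>]*href", re.I),
    "long-encoded-string": re.compile(r"[\"'][A-Za-z0-9+/]{200,}={0,2}[\"']"),
}
SCAN_SUFFIXES = {".php", ".js", ".html"}


def scan_theme(theme_dir):
    """Return sorted (relative_path, line_number, signature) findings for a theme folder."""
    root = Path(theme_dir)
    findings = []
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in SCAN_SUFFIXES:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), start=1):
            for name, pattern in SIGNATURES.items():
                if pattern.search(line):
                    findings.append((path.relative_to(root).as_posix(), lineno, name))
    return sorted(findings)


def build_sample_theme(root):
    """Write a small constructed theme (not a real one) with two planted problems."""
    root = Path(root)
    (root / "inc").mkdir(parents=True, exist_ok=True)
    (root / "index.php").write_text("<?php get_header(); ?>\n<h1>Hello</h1>\n")
    (root / "footer.php").write_text(
        "<footer>\n"
        '<div style="display:none"><a href="http://spam.example/">cheap pills</a></div>\n'
        "</footer>\n")
    (root / "inc" / "functions.php").write_text(
        "<?php\n// theme setup\n$p = 'ZWNobyAxOw==';\neval(base64_decode($p));\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in scan_theme(build_sample_theme(tmp)):
            print(finding)
```

To check a real theme, call `scan_theme()` on a downloaded copy of its folder and review every flagged line by hand; some legitimate themes hide elements with CSS, so a hit is a prompt to look, not a verdict.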

5. Limit Login Attempts

Hackers are not entirely unknown. Some can be your friends who know your username and may want to try their luck with a few passwords. By enforcing a login limit with the Limit Login Attempts WordPress plugin, you determine how many times a user can attempt a password before he is prevented from further attempts. I particularly love this plugin as it makes a mockery of amateur hackers. I recommend you download and install it if you have not already done so.

In conclusion, the security of your blog should always be prioritized. Reputable search engines, especially Google, do not like hidden links. These hidden links could be pointing to sites known for notorious activities which may have already been blacklisted by Google. Hence, you must ensure that no hidden links are located in your template.

Furthermore, do not forget to carry out periodic backups of your WordPress blog so that even when the worst happens, you can always find a place to re-ignite your blog. I have a list of exciting WordPress plugins that should make the process easy for you.
I have said a lot about an issue as important as security; these are some fundamental tips for protecting your WordPress blog from hackers. Do you have other equally great methods? Drop them in the comment box and let’s keep learning.
