Our Blog has become one of our treasures and if we are not serious about taking proper care of it, then you are inviting trouble. Or technically, I should say hackers may harm us.
But yes, we have so many tools to support in our Blog Security. But again it depends how we are using it.
Here are few of the points that might be handy in terms of securing your blog…but before you make any changes according to the points below, back up your blog, just in case you need to undo the changes or additions.
Keep an eye on WordPress Release Notification
It’s very important to stay updated on al latest releases (WP and you Plugins). If you are not acting immediately on the available updates, but make sure you are not publishing anywhere. I have seen many commenting on various posts about their delay and hold offs. In case if you are updating late, remove version listings from your templates that could announce what version you are running, and possibly alert hackers to exploits you have available. Make sure when updating your install of WordPress to read the Upgrading WordPress section of the codex.
Backup Regularly
This is one such thing, where I am also not very good. And I have also suffered because of this one. I lost my recent 15 posts in day…but Now I have become more serious about it and I will suggest everyone to so the same. It hurts. You should take backup of all your Database and Directories. Both are valuable. One of the easiest ways of doing this is through FTP. But yes, many are not that savvy with the Control Panel of their hosting account, but we have several plugins available that can help you to automate and simplify the process.
The following plugins can help automate the database backup process, visit their websites for more information:
You can also visit the WordPress codex for further details on backing up your website.
Setting necessary permission to your files
All the necessary files should only have required permissions. Like your wp-config should not be world read or writeable. Otherwise people could steal your login information or even overwrite your login with their own. And don’t forget to delete your install.php after installation is complete. WordPress codex has an excellent walkthrough on setting file permissions here.
Protect against Spam Comments
Spam can be a danger to your blog and its visitors. Spam Comments can be kept away using plugins that track comments and trackbacks, running them through tests to check on whether they are spam and then refusing or approving based on the test results. Anti-spam Plugins and additional resources on how to protect from comment spam:
Login information should be Unique
We can also0 create a new WordPress admin user account and delete the default admin account. It’s very important to create a unique password in conjunction with your name. You can also learn various techniques of WordPress security here.
Stay Safe!
Technorati Tags: blog security, wordpress
March 2nd, 2008 at 10:27 am
Yes, we have been doing this and many are on top of it…..really taking care of their files….but yes, these reminders will keep us on the toes..,…