Categories: Tips

How Secure is Your Blog? Top Security Tips

More and greater of my I.M. Colleagues and actually new human beings that I meet on line are `stepping into running a blog’. And why no longer? Blogs are extensively easy to supply and use, irrespective of which platform you select, and they may be a top notch tool for net marketers.

However, irrespective of how smooth they’re to put in and use, and no matter how beneficial they may be for your company, the handiest trouble that I’ve discovered extra frequently is that many humans are neglecting the safety of their blogs.

Now I’m truely speak specifically about WordPress blogs right here. Yes, I even have used Blogger blogs within the past, and I take into account that many people swear by means of them, however, I determined Blogger a chunk too restrictive for my liking (even though I keep in mind that subjects have changed plenty at Blogger for the purpose that I first used them).

Because WordPress is an open supply blogging device, meaning that it is free and available to everyone, it’s far an excessive intention for hackers and ne’er-do-wells. Of route, the WordPress development group are tireless in continuously running on the script for our benefit, however, none of that is any use if we don’t honestly rise off our backsides and do a bit of work on our blogs behind the curtain.

It’s par for the path to fear approximately your blog topic, your subsequent we blog publishes, your readership, attracting subscribers for your RSS feed and so on. Etc., but do you really suppose very an extremely good deal approximately your blog’s protection?

I expect that I may possibly see greater WordPress we blog safety troubles than most, being within the web website hosting organization. Did you recognize that in all likelihood the biggest motive of server compromisation is surely people who installation WordPress blogs and one-of-a-kind open deliver scripts and do not keep them updated with the modern versions and patches?

Hackers locate it clean to go searching, find a manner in thru a vintage script, hack your weblog, get admission to your electronic mail money owed, begin sending viagra and treatment for baldness unsolicited mail emails `from you’ and usually get up to all varieties of nasty things.

I cannot inform you what number of panicky emails I’ve had to answer from people who have logged into their weblog one day and were smacked in the face via a skull and move bones proudly proclaiming that their cautiously crafted, lovingly nurtured blog has been hacked with the resource of Hound Dog Horris the Hardcore Hacker!! Great!

So I’ve put together a few pointers that you can need to put into effect to help preserve your WordPress blog-secure.

Keep Up-to-Date

First of all, the maximum apparent repair is to make certain that you hold your blog up to date with the modern-day-day model launched by way of the manner of WordPress.

Most WordPress blogs display a bit caution within the Dashboard that tells you whilst a new version is launched and a link for you to click directly to down load it. If yours might no longer, then it’s miles well worth checking the WordPress website quite regularly for updates. They additionally invite you to enroll in email notification of updates.

If you experience a piece daunted putting in updates through FTP, otherwise you established your weblog, to begin with using Fantastico for your cPanel, so aren’t tremendous how to set up the updates, WordPress provide pretty a first-rate set of instructions for this.


It’s a first rate concept to cowl the listing of plugins you’re the usage of. Any identified vulnerabilities and insects that can stand up in some plugins may be used as tools to damage your net website.

Check out your blog, now… Yourdomain.Com/wp-content material/plugins

The opportunities are, you may see the whole listing of all your blog plugins, and in some times, the date they were installed.

To cover your plugins, virtually, create an index.Html file and upload it to the wp-admin/plugins folder. This index file can be easy or you could be in clearly innovative and add some promotions to it.

Another manner that Hound Dog Hacker uses to decide whether your blog is the futile ground for hacking is to check which WordPress version you are using.

So, in case you’re one of those that has located upgrading on the decrease lower back burner, then you can be pronouncing which you’re ripe for a hack harvest with a huge megaphone!

How so? Well, go to your weblog… Go on. Open a brand new tab to your browser and type in your blog’s URL. Then right click on in your weblog together with your mouse and choose out View Source, View Page Source, or comparable, from the drop down menu.

Check out the coding….. Approximately 10-12 strains down, you’ll see something like this



Obviously the 2.6.Three version is the extremely-cutting-edge version as I’m writing this newsletter these days, and your one, optimistically, tells you the ultra-cutting-edge model at the day you take a look at your code. However, there may be a possibility which you’ve not updated your version and an old version is showing. Naughty, naughty! Talk about dipping you reduce finger in shark infested water and inviting all the sharks for a slap up meal!!! Slight exaggeration, there, but, I’m tremendous you get what I recommend?

Why sell it which you’ve been a piece too busy to replace your weblog to the modern day model, or that that upgrade maintains to get shoved down your listing of factors to do?

I’ve been the use of an excellent plugin via David Kierznowski, which gets rid of the show of your WordPress version to prevent attacks. Check out your blog… Do the proper mouse click on after which view deliver code.

The plugin is without a doubt one small.Personal domestic page document which you upload to your plugins folder, after which set off it within the regular manner inside the plugins segment of your Dashboard.

Block Access

A folder that Hound Dog Hacker loves to have a superb vintage nosy round on your weblog is your wp-admin folder – this is the storage region for all your blog’s most touchy information. So here is a quick tip to secure this directory…

Open Notepad or WordPad on your PC, and add the subsequent code:-

AuthUserFile /dev/null

AuthGroupFile /dev/null

AuthName “Access Control”

AuthType Basic

order deny, permit

deny from all


If you do no longer know your IP cope with, you may find it right here whatismyipaddress.Com

Next, keep your text record as.Htaccess after which add it to your wp-admin folder.

NOTE: This method is probably a pain in the neck for you in case you do not have a static IP deal with, however, in case you are an internet issue business enterprise that has a selection, you can add the range.

I sincerely have to mention that my IP address is not static BUT, I’ve pleasant had to upload greater IP addresses instances in the beyond 6 months or so, to permit me to log in.

I did wonder why as soon as I went to my blog login web page while on my computer that I become denied access… Doh, then I found out that my.The get right of entry to document become denying me get right of entry to from this pc. I now hold the.Htaccess record on my desktop and honestly add an IP cope with, if and while it changes, to the document and uploads it in seconds. So your file may appearance something like this

AuthUserFile /dev/null

AuthGroupFile /dev/null

AuthName “Access Control”

AuthType Basic

order deny, allow permit

deny from permit




I desire this has helped come up with some ide or at the least galvanized you into taking a better study your weblog protection.

kichaitorbara :