• May

    Read This If You Have a WordPress Blog


    WordPress blogs are quite common and popular, due to the open source content and ease of use. Unfortunately, WordPress blogs in general are full of security “holes” and if you have one, you’re essentially hanging out a sign that says, “hack me, I have a WordPress blog.”

    Some time ago, three of my WordPress blogs were hacked. The only way I found out about it was when one of my colleagues (who happened to be a programmer) looked at my code one day and found the problem. The way the hack was set up, you wouldn’t see it unless you looked at the source code.

    Essentially, the hacker was illegally using my blog to inflate their search engine rankings at my expense, but it could have been a lot worse. Still the damage was extensive. With the help of a tech, I was able to fix one blog, but in the end, I shut down 3 of them, completely.

    If you have a WordPress blog, it’s important to realize that one cannot totally keep hackers out, but you can make it so difficult for them to get in that they’ll move onto another target. Some of these task include: Changing the passwords on your FTP and also with WordPress itself. It’s also wise to make regular backups and in the case of FTP, make sure you get an SFTP program or Secure FTP. That will make it harder for the hackers to get in. Still, there’s a lot more that you can do.

    Some time ago, I wrote an article for HTML Goodies on WordPress Security. This is a step in the right direction.

    Other steps you can take are to install security plugins on your WordPress site. One of these is Secure WordPress. Another is Limit Login Attempts. The latter is a plugin that will repel brute force attacks by locking out the IP address of the intruder.

    At one point, someone was trying to hack one of my blogs and the attacks went on for several days. All were repelled. In addition, Hostgator set up some security measures to block the attacks. This is important for them because roughly 80% of their users use WordPress.

    If you have any questions, please let me know.

    © Nathan Segal

    No Comments

Leave a reply