Is your WordPress blog secured? Is your blog spam proof and hack proof? How sure are you that it is secured?
If you are a blogger and (or) a blog owner you should be thinking about these questions. Each and every blog is prone to spammers and targeted by hackers. All they want to do is bring down your blog for there own good. If you are not protecting your blog, you might be destroying your blog.
This post came to my attention when I saw other blogs beings spammed and hacked by these “Internet Criminals”, as I call them. So I wrote this post to help those non-secured blogs get secured. I am pretty sure you don’t want your blog get hacked or spammed. Read these steps below on how you can make your blog safe from hackers and spammers.
Steps To Prevent Spammers
For this blog I used the Akismet Plugin to help me prevent blogger from taking over.
So far Akismet has already protected my blog from 43 spams since I launched this blog 3 weeks ago.
My Akismet Stats
15 spams caught, 40 legitimate comments, and an overall accuracy rate of 100.000%.
Akismet is one of my 18 favourite plugins.
Steps To Prevent Spammers
Preventing hackers from your blog can be very easy as well.
First thing first, protect your profile. After installing your WordPress blog your default login name is admin. Hackers already know that admin is the default login name for your blog, so changing your login name can through them off by far.
Next thing is your password. You need to use a very strong password to give your hackers a hard time getting into your blog control panel. The best password to use combines on alpha-numeric and symbols. This means you would use both letters and numbers plus symbols in your password.
Doing these will help protect your blog by a great deal.
It does not end there…
You have some plugins to help protect your blog.
Login LockDown – records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery. Currently the plugin defaults to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes. This can be modified via the Options panel.
order allow,deny
deny from 123.123.123.123
deny from 123.123.123.123
deny from 123.123.123.123
allow from all
Place the above code in your .htaccess file of the /wp-admin/ directory to block ip address from your blog’s admin control panel.
WP Security Scan – Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
These scans include:
- passwords
- file permissions
- database security
- version hiding
- WordPress admin protection/security
- removes WP Generator META tag from core code
Upgrading You Blog
Always remember to upgrade your WordPress blog to the latest version. Latest version is the best way to keep ahead of the game. The latest version can be a fix up of bugs or other errors in the previous version.
Conclusion
I hope that you take these steps and make your blog security stronger.
Have you been spammed or hacked? What are you doing to protect your blog?
Jarrod
Kharim