How Secure is Your Blog? Top Security Tips


More and more of my I.M. Colleagues and new humans I meet online are `entering into blogging.’ And why no longer? Blogs are notably smooth to supply and use, regardless of which platform you select, and they may be a top-notch device for internet entrepreneurs. However, irrespective of how clean they are to install and use, and no matter how beneficial they can be for your enterprise, the only issue I’ve observed extra regularly is that many humans neglect the safety of their blogs.

Now, I’m speaking virtually, specifically about WordPress blogs here. Yes, I have used Blogger blogs and understand that many people swear by them. Still, I discovered Blogger, a piece too restrictive for my liking (though I remember that matters have been modified plenty at Blogger because I first used them). Because WordPress is an open-supply blogging device, it’s free and can be had by everybody; it is a high goal for hackers and ne’er-do-wells. Of course, the WordPress development team is tireless in constantly operating at the script for our benefit, but none of that is useful if we don’t truly rise off our backsides and do a piece of work on our blogs behind the scenes.


It’s parred for the route to fear about your blog theme, your next blog publishes your readership, attracting subscribers to your RSS feed, and so forth. Etc., but do you suppose a great deal is approximately your blog’s safety?


I assume I might see more WordPress weblog safety issues than the maximum in the web hosting enterprise. Did you realize that possibly the largest server compromise motive is those who install WordPress blogs and different open supply scripts and do not hold them updated with today’s variations and patches?

Hackers locate it clean to go searching, find a way in through a vintage script, hack your blog, get entry to your email money owed, start sending Viagra and cure for baldness spam emails `from you’, and generally stand up to all varieties of nasty things. I can not tell you what number of panicky emails I’ve had to the solution from human beings who’ve logged into their blog one day and were smacked in the face utilizing a skull and move bones proudly proclaiming that their cautiously crafted, lovingly nurtured blog has been hacked with the aid of Hound Dog Horris the Hardcore Hacker!! Great! So, I’ve put together some guidelines you may want to enforce to help preserve your WordPress weblog-safe.

Keep Up-to-Date

First of all, the most obvious fix is to ensure you keep your weblog updated with the modern-day model released by WordPress. Most WordPress blogs show a warning in the Dashboard that tells you when a new edition is removed and a hyperlink to click on to download it. If yours would not, it is well worth checking the WordPress website regularly for updates. They additionally invite you to join email notifications of updates. If you sense a piece daunted installing updates through FTP, you installed your blog, first of all, using Fantastico on your cPanel, so are you not sure how to set up the updates? WordPress provides quite a great set of instructions for this.


It’s a terrific idea to cover the listing of plugins you are using. Any recognized vulnerabilities and insects that can arise in some plugins can be used as gear to harm your internet site. Check out your weblog now… Yourdomain.Com/wp-content/plugins. The possibility is that you will see the whole listing of your weblog plugins and, in a few instances, the date they were established. To disguise your plugins clearly, create an index.Html report and upload it to the wp-admin/plugins folder. This index record can be clean, or you can be creative and upload a few promotions. Another way that Hound Dog Hacker determines whether your blog is the futile floor for hacking is to check which WordPress version you’re using. So, if you are one of those who has positioned upgrading on the lower back burner, you can say you’re ripe for a hack harvest with a big megaphone!

How so? Well, visit your weblog… Go on. Open a new tab in your browser and type your blog’s URL. Then, properly click on your blog with your mouse and pick out View Source, View Page Source, or Comparable from the drop-down menu. Check out the coding….. Approximately 10-12 lines down, you will see something like this.

The 2.6. Three models are the ultra-modern model as I’m writing this newsletter these days, and your one, hopefully, tells you the ultra-modern version on the day you test your code. However, there’s an opportunity that you’re no longer up to date on your performance, and an old version is showing. Naughty, naughty! Talk about dipping your cut finger in shark-infested water and alluring all the sharks for a slap-up meal!!! There is a slight exaggeration; however, I’m positive you get what I suggest.


Why promote it that you’ve been too busy to update your weblog to the latest version or that that upgrade continues to get shoved down your list of things to do? I’ve been using the first-athlete plugin via David Kierznowski, which eliminates your WordPress version’s display to prevent assaults. Check out your weblog… Do the right mouse click on after which view the supply code. The plugin is simply one small. A You add a Personal home page document to your plugins folder, which which which is then prompted regularlye plugins segment of your Dashboard.

Block Access

A folder that Hound Dog Hacker likes to have a great old nosy around to your weblog is your wp-admin folder – the garage location for all your blog’s maximum touchy statistics. So here’s a short trip to ease this directory… Open Notepad or WordPad on your P.C., and add the following code:-

AuthUserFile /dev/null

AuthGroupFile /dev/null

AuthName “Access Control”

AuthType Basic

order deny, permit

deny from all

a permit from TYPE YOUR IP ADDRESS HERE. If you do not know how your I.P. copes with it, you can find it here: Next, save your text document. Htaccess and then add it to your wp-admin folder. NOTE: This method might be a pain in the neck for you if you don’t have a static I.P. address, but if you are a web provider company with a variety, you may upload the range. My I.P. cope isn’t always static, but I’ve needed to upload extra I.P. addresses twice within the past six months or so to log in. I wondered why, once I went to my blog login web page while on my computer, I was denied access… Doh, then I realized that my. The access file was denying me access to this laptop. I now hold the. For the htaccess document on my desktop, add an I.P. address to the paper and upload it in seconds if and when it is adjusted. So your file may look something like this.

AuthUserFile /dev/null

AuthGroupFile /dev/null

AuthName “Access Control”

AuthType Basic

order deny, permit permit

deny from permit




I hope this has helped give you a few ideas or galvanized you to examine your blog protection further.