WordPress Blog Security

It is a terrible feeling the day you realize that your WordPress blog security was compromised.  When you’ve been hacked, it is like getting punched in the stomach.  You’ve always heard how important it is to keep your site secure, but you never really paid attention.

passwords 480x287 Wordpress Blog Security

Photo Credit: Ron Bennetts

Boom, you just learned the hard way.

Whether you know it or not, your site is constantly under attack.  There are malicious crawlers, bots, and scripts trying to poke holes into your site.  It might be happening right this second, and you’d never even know it until it is too late.

Here’s some tips to keep your site secure.

Updates, updates, updates.

There’s a reason that you see that band across the top of your WordPress dashboard screaming at you to update.  Don’t ignore it!  Virtually all WordPress core updates come with some level of increased security.  The same goes for plugins.  When security flaws are discovered in WordPress, the community is very quick to resolve them and push a new release.

Change your password regularly.

Yes, I agree.  Updating your passwords is a massive pain.  Keeping track of them all is ridiculously hard.  Unfortunately, it just needs to be done.  However, you need to go deeper than just your WordPress dashboard password.  You should also change:

  • Email Password.  Remember, if I can get into your email, all I need to do is use the WordPress “Forgot my password” feature to get into your blog.
  • Hosting Account Password. Why hack into your WordPress account when I can just get right into your host?
  • Server Passwords.  If you are using your own servers and hosting provider, there’s passwords for your database and FTP that need to be updated.

Take this stuff seriously.  Just look how bad it ended up for LinkedIn.

Try using a password generator to help you make a more secure password.  

Take the Offensive.

Be proactive and install some security enhancing plugins.  Here’s a few we recommend.

WordPress Backups.

This one isn’t really a preventive measure.  It really is designed to help you quickly recover.  You need to be doing daily system wide backups.  If the worst happens, you will then be able to restore to relatively recent version of your site without major losses.

There are third-party vendors that will handle the work for you for a small fee.  Many hosting providers do this automatically, but do not assume.  Make sure you find out how long they store backups.

About Travis Lusk

Since early 2000, Travis Lusk has been involved in publishing content online. Currently, he is an influential leader in online video advertising, brand marketing, and content publishing. I addition to publishing here on BlogCraving, Travis works for a national leader the online video advertising platform space. A self professed web geek, you'll often find him combing the web on his iPad or blogging away on his Macbook. Follow on Twitter @travislusk or on Facebook. Also, check out his photography on SmugMug.

Leave a Reply