How to Protect Your Blog From Hackers/Malware
Website security is a fairly obvious issue for ecommerce websites, but many bloggers overlook the importance of protecting their WordPress sites – after all, they aren’t dealing with monetary transactions or customer, so why should they be concerned? The truth is that even your humble blog may be enticing to hackers who see an opportunity to take it over, re-direct your readers to potentially harmful sites, host illegal content, or do any number of other harmful things. Unless you are a tech blogger, the chances are that your best approach to protecting your blog and your readers is to let the pros like Sitelock do their thing – you can read Sitelock revews to get a sense of what they offer and decide what is best for your needs. In the meantime, there are some things that you can do to enhance your blog’s security right away.
Have a good password!
Did you know that, according to the team at WPEngine, “password” is the most commonly used password, coming second after “123456”? Or that a surprising number of people use their first name or businesses, or words from the dictionary to protect their most important data? Or that most passwords that include a number combination end in a number between 1-12? You can be sure that hackers are well aware of these and other common password strategies that many of us employ, and can crack them within seconds. Thankfully, this is a very simple thing to fix – make sure that your passwords don’t contain words, don’t follow predictable keyboard patterns, contain numbers and upper and lower case letters, and a symbol or two for good measure!
Perhaps out of sympathy for folks who have 20-plus password and user name combinations, some sites will give you a decent indication of where you have gone wrong in entering your credentials. A message telling you that your password doesn’t match your username can be very useful to you – and to a hacker who now knows that they have a good “hit” on a legitimate username and can focus on cracking the password. If you require your readers to login, make sure that you disable hints on the login function.
Be sure that you pay attention to security updates and patches, that you keep your plugins current, that you deactivate and delete plugins that you are not using, and generally keep your space tidy and current. Out of date bits and pieces can create a vulnerability that can easily be exploited.
These are just some of the “best practices” that you should integrate into your blogging routines. They won’t guarantee that your site is secure, but they will definitely go a long way towards making it more secure so that hackers will prefer to move on to softer targets. In addition, you should do regular scans of your site to make sure that nothing has managed to sneak in despite your best efforts.