• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

  • Home
  • Podcast
  • Blog
  • Insiders Club
You are here: Home / Blogging / Protect Your Blog! 2 Action Steps to Implement Today

Protect Your Blog! 2 Action Steps to Implement Today

By Michelle Shaeffer | 21 Comments

Hazard warning attention sign on a metal surface Could your WordPress blog be hacked in minutes?  It could be if you’re using the default “admin” user, a word from the dictionary for your password, or not otherwise properly secured.

Ready to fix that right now and keep it safe?  Try these two quick action steps.

And, be sure to also read the important safety steps in these two posts:

  • Warning: Social Media May Be Putting Your Security At Risk
  • 5 Critical Steps You Must Take to Secure Your Website Today

What are you doing to keep your site safety?  Share your online security tips (or questions!) in the comments.

Spread the Love
  •  
  •  
  •  
  •  
  •  

Reader Interactions

Comments

  1. Debra Jason says

    April 14, 2013 at 1:16 pm

    If you’re not a “techno geek” how do you know that when it says “click here to fix” that you’re not going to mess something up?
    Wanna be able to sleep at night knowing I didn’t do that.
    Thanks. ~Debra

    Reply
    • Michelle Shaeffer says

      April 14, 2013 at 5:03 pm

      Hey Debra, great question. If you’ve got a backup and your host support # or email handy, that’s the first important thing, just in case. Because for most configurations and servers none of these should mess things up. But for anything custom it’s hard to predict and sometimes themes or plugins do conflict. One thing you can do is check the support forum or google the specific change and see what comes up — if you see a lot of “this broke my blog!” type entries you might want to skip that step. ;)

      Reply
  2. Tia Dye says

    April 14, 2013 at 5:38 pm

    Thanks Michelle!
    New to WP and just getting started, so I’ll be going through every bit of advice you have!
    ~ Tia

    Reply
    • Tia Dye says

      April 14, 2013 at 5:44 pm

      Michelle – If I set the strong password to subscriber, then will they have to put in a password to read or comment? What would a subscriber need a password for?
      ~ Tia

      Reply
      • Michelle Shaeffer says

        April 14, 2013 at 11:37 pm

        Hi Tia, do you require a password to comment? Some blogs are set that way and it requires visitors to register as subscribers. If you aren’t set that way, then requiring the strong password won’t change anything for your readers. :)

        Here’s more detailed info about it: http://codex.wordpress.org/Roles_and_Capabilities

        And despite it being called “subscriber” it’s most likely not linked to your subscribers. If you’re using a different service to email your subscribers (Feedburner, AWeber, MailChimp, etc) then this doesn’t affect that, either.

        Hope this helps! :)

        Reply
  3. Koj Tajo says

    April 15, 2013 at 7:06 am

    Hi Michele, well timed post. I wonder why still today people are using ‘admin’ as username. One should totally avoid it. And having backup is all important job to do as blogger. I am using limit login attempt plugin. Hope it helps!

    Hey! your blog got listed in my list. So am coming back again and again.
    Regards.

    Reply
    • Michelle Shaeffer says

      April 15, 2013 at 8:30 pm

      Thanks Koj, appreciate it. And the limit login attempt is a good security move, too.

      Reply
  4. Ken Glick (EEI) says

    April 15, 2013 at 11:36 am

    I can’t imagine anyone wanting to hack our company blog but thankfully we don’t use either the default “admin” user nor do we use in word in the dictionary in our password. Nevertheless, I would love to know if our blog is still easily accessible to hackers as keeping them out is my responsibility.

    Reply
    • Michelle Shaeffer says

      April 15, 2013 at 8:32 pm

      Hey Ken, you might like the WP Security Scan plugin or Website Defender. They’ve got deeper scans and security settings if that’s something you’re responsible for and dealing with more regularly than the typical blogger.

      Reply
  5. Suzie Cheel says

    April 15, 2013 at 1:41 pm

    Michelle,
    Great post thanks i will put on the Better WP security

    You share button at the top are not working?

    Reply
    • Suzie Cheel says

      April 15, 2013 at 1:53 pm

      all working now ???? What plugin are you using? looks good and neater than digg digg

      Reply
      • Michelle Shaeffer says

        April 15, 2013 at 8:32 pm

        Hey Suzie, I think the javascript is a little slow to load sometimes, I’ll see what I can do about that. Appreciate you letting me know they didn’t work for you the first time. :)

        It’s Flare – both the ones at the top and the ones floating on the left. I loved the visual style, too.

        Reply
  6. Debra Jason says

    April 16, 2013 at 11:53 am

    No sooner did I install this, then I got an email about an IP address trying to access my site. Called my Host provider and they said the program was “doing its job and did what it was supposed to” (i.e. blocking an IP from being able to access my site).

    However, as an FYI: when I asked the Host for help with all the settings/changes Better WP Security had on the dashboard, they said “we don’t support individual plug ins.”

    Don’t know if all Web hosts would say that, but thought some of you might want to know.
    Thanks “mighty Michelle.”
    ~Debra

    Reply
    • Michelle Shaeffer says

      April 17, 2013 at 4:39 pm

      Many hosts won’t (can’t) support WordPress at that level because there are just too many plugins for them to be familiar with. But if it throws an error message they should be able to fix that part. :)

      Isn’t that crazy though? Just being aware that there are “bad guys” out there trying to access our sites is valuable since it makes us that much more cautious.

      Reply
  7. Justin says

    April 19, 2013 at 12:05 am

    This is awesome, thanks for the tips!

    Reply
  8. Barbara says

    April 19, 2013 at 7:47 am

    Thanks so much for the info. I’m passing this one to a few people I know who need it! :)
    Barbara

    Reply
  9. Suzanne says

    April 19, 2013 at 1:15 pm

    Thanks for this wonderful video Michelle. I have recently changed my password to something pretty tough to crack but these additional pointers are very helpful. Last weekend I tried to pull up my website and found it was not available. When I went to my hosting company’s facebook page I saw that they were under attack. Pretty scary stuff.

    Reply
  10. Rob Mullins says

    April 21, 2013 at 6:00 am

    Hi Michelle,
    Rob Mullins, here, from the Navigator program. Thank you for this security update. The video really made it clear “what to do next.”
    During one of your sessions with the Navigators, you walked us through a number of WP plugins that would add functionality as well as security.
    My question is should I add Better WP Security on top of the other WP plugins like WebsiteDefender WordPress Security plugin?
    Thanks for your thoughts…

    Reply
  11. Marc Lanzarin says

    April 21, 2013 at 9:32 am

    I movedvaway from WordPress sometime ago for this reason, and for its dependence on too many plugins. I prefer Drupal as my content management system of choice. Good article though on how to protect your your blog. WordPress is a good platform for blogging, just don’t use admin as your default password- for starters.

    Reply
  12. Connor Harley says

    April 29, 2013 at 1:27 am

    I never used the default admin as user. Hackers always try their luck in using this to hack websites and there are really times they succeed because there are lots of site owners who are not changing it.

    Reply
  13. Cassie says

    May 3, 2013 at 1:14 pm

    Hi Michelle, thanks for the suggestions. I did want to let you know that I also installed the Better WP Security plugin and it crashed my site. My webhost just helped me get it back up and running, though it was a bit complicated as it had changed some things that had to be rewritten. I read some forums and said that this plugin either works perfectly or takes sites down completely so it’s a bit of a risk. I’ll have to do some research to see if there is anything else similar that may give me some suggestions for things to fix. But I appreciate your article!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

New Articles & Tutorials

  • 7 Tips to Help Optimize Your Online Store to Increase Sales
  • Stop Competing. Start Collaborating. (It’s the secret to escape the zombie-preneur apocalypse!)
  • How Your Current Field Can Help You Enter the Digital Marketing World
  • 5 Simple Ways to Be More Effective as a Solopreneur
  • How to Use Content Intelligence Like the “Big Guys”

Get Daily Business Tips & Inspiration

Get Daily Business Tips & Inspiration

There’s One Thing I Know…

Hi, I'm Michelle. And here's what I know: you're here with a purpose and I can help you achieve it. I write this blog to make sure you've got the tools, tactics, and inspiration you need to make a go of building your passion and purpose into your own successful, profitable business. So, welcome! Stay a while.

Disclosure: Some blog posts, articles or other content on this website contain affiliate links for products or services I recommend.
This means I may receive a commission or other compensation if you choose to purchase something I've shared with you.

Terms of Use | Privacy | Affiliate Agreement | Anti-Spam | External Links | DCMA Policy | Earnings Disclaimer
© 2000-2024.