It’s every blogger’s worst nightmare. You wake up, grab your coffee, sit down at your computer, pull up your blog…. and it’s gone. It’s showing a weird code error message… or a strange foreign language political message… or it’s been taken over by bad guys using it to distribute malware to visitors or in a phishing attack…
Why?!! I can’t claim to understand the mind of hackers–it’s just a terrible thing to do, and illegal. But generally the motivations are either to spread a message (political/religious), distribute malware (programs that download to visitors computers and allow the hackers access to their computers), or just take down blogs because they can and they’ve got a warped sense of fun.
The good news is that a few simple steps can really reduce your chances of falling prey to an attack.
1. Stay Updated
If you choose only one item from this list to take action on, make it this one. Keeping your WordPress installation, all your plugins and themes updated is the best way to stay protected. When WordPress releases an update, many times it’s because they’ve found a security vulnerability and patched it. If you don’t update, your blog is open for an attack.
Almost every time I’ve been asked to help fix a blog, it was not running the most up to date version of WordPress.
2. Install Security Plugins and Use Them
The security plugins I choose to protect my blog with are:
Bulletproof Security — this one will help protect your blog from a variety of attack types by guiding you through removing vulnerabilities and beefing up your blog’s security.
WP Security Scan — a plugin from WebsiteDefender, this one will help you verify security settings for your blog and make sure you’ve got things setup right.
Threat Scan Plugin — this plugin is super useful if you’ve been hacked, and a great option for “peace of mind” checks, as it scans not only your files but your entire database looking for possible malicious code.
3. Keep Backups of Your Blog
On a cPanel host, this is easy to do with the backup tool. If you have access to it, that’s what I recommend using. But remember to download the backup and save it to your computer. If you leave it on the server and the server crashes, that backup won’t be able to do you any good.
With WordPress, you can use the plugin called BackWPup to save your entire blog (database and files) to your server space, Amazon S3, or a variety of other options. There’s also WordPress EZ Backup which backs up the entire blog, but it hasn’t been updated as recently as BackWPup.
Have you been hacked yet?
Maybe you’ve been through it and know that terrible sinking feeling in the pit of your stomach. Maybe you’ve been lucky so far. Either way, take steps now to protect yourself for the future, okay?
Hacking attempts are like server crashes and computers dying. It’s not a matter of “if” so much as a matter of “when.” With good security you can help protect yourself against it happening and with a good backup you’ll be able to recover if it does happen.
Got any other suggestions on keeping our blogs safe and secure? Any plugins you like or hacking experiences you recovered from to share?
Image Credit: iqoncept/StockFresh
-
7Shares
- 7
Steve Rice @ The Spark Blog says
Great insight, Michelle, as always! I hadn’t used the security plug-ins, tho I do update and backup regularly. Thanks so much for keeping us informed. It’s too bad we have to consider something like this, but it’s great to have good resources like your site to walk us through! :)
Michelle Shaeffer says
It really is too bad. If only everyone cared how their actions affected others… but until then, good to protect ourselves as best we can and be ready to deal with it if it happens.
Susan Maricle says
I’m heading over to Blogger to see what security plug-ins they have. Thanks for the warning, Michelle! Susan
Michelle Shaeffer says
Hi Susan, I’d love to know what you find – I don’t work with Blogger but I know some of my readers do so it’d be great info.
Nancy Rose says
WOW! I just installed the 3 security plug-ins you recommended. thanks
Michelle Shaeffer says
You’re welcome, Nancy. Great to know action is being taken. :)
Sheila Atwood says
Michelle,
Thanks for the update on which plugins are the best. I will be updating my plugins today!
Michelle Shaeffer says
They keep changing, don’t they? I just look for what’s been kept updated by it’s authors. So many great plugins get left to get dusty and while they still work, especially for a security plugin, something updated is better.
Ali Bierman says
Thanks for the good info.
Michelle Shaeffer says
You’re welcome. :) Thanks for commenting!
Roberta Budvietas says
As always – useful and practical information. Thanks for the update. Keep arguing with my support he says not necessary to do these things, I say necessary – just sent him you blog
Michelle Shaeffer says
I always figure it’s better to be too prepared than to not have it when you need it. :)
Helenee says
I’m thinking of giving WordPress Defender a try. You can find it at: securemyblog dot com . Any comments on it?
Michelle Shaeffer says
I haven’t tested that one out but it looks pretty comprehensive. I’d love to hear what you think of it if you give it a try. :)
Calli | Wedding Favors says
Hi Michelle,
I haven’t experienced being hacked yet but the tips you gave are surely helpful. Its always better to prevent this from happening. Thanks a lot for the information.
Michelle Shaeffer says
Yes, definitely! I hope that no one reading ever actually *needs* this information. :)
Tracy says
Hackers are always doing their job well…I hope we can prevent them…
Michelle Shaeffer says
It’d be nice it we didn’t have to worry about it but the best we can do is stay one step ahead of them. :)
Traci says
Hi Michelle, It has not happened to me yet thank goodness. It is one of my worst fears so I will do everything I can to keep it from happening. Thanks for writing this post. I am going to install some of these plugins now!
Michelle Shaeffer says
It’s a scary thing if it happens and we don’t know what to do. But those plugins will help prevent it. :)
Vivek says
Hi Michelle,
Very Nice blog , and very informative.
Michelle Shaeffer says
Thanks for commenting, Vivek.