Extra WordPress Blog Security Tips to Watch In 2013

WordPress Security Plugins

Yes, I am a blogger, have been for a long time and won’t stop for a long time to come. Pretty much anybody who does anything online tends to have a blog, no matter how small. If so, you know how it feels to think you may wake up one morning and kiss goodbye to all the hard work you put into building your blog.

I was worried last year when a lot of WordPress blogs were hacked due to the TimThumb code (whatever security hole that represents) and other security flaws relating to password protection, themes, etc. Even big companies like Dropbox admitted being hacked with passwords that hackers picked or coined outside the site.

As a result, I mapped out a concise set of protective action steps that helped my blogs survive 2012. And today, as we are all enthusiastic about how much we want to achieve this year, I feel I should share with you some of the tips that kept my WordPress blog safe and what I am doing again this year to ensure I don’t lose my sweat to some hacker halfway across the globe.

Start using strong passwords

Most of us manage a good number of blogs and are engaged with several things on the World Wide Web, and we know what admin responsibilities come with that. In such a scenario, we often take the easy route: using one password and username for all our accounts. This is doing it wrong. Simply thinking that you won’t be hacked isn’t enough to keep you safe. It is safer to have a separate password for each account, and each must be at least eight characters long, made up of numbers, letters and symbols. If you are worried, create a spreadsheet for them and you will have a place to fetch them when needed.

Keep Up With Updates

There is simply no excuse not to keep up with WordPress updates. The latest versions of WordPress tend to come with more functionality and added security measures that help keep your blog safer. You can get all these features by updating to the newest version.

Think of it this way: when a new WordPress version is released, hackers go to work trying to detect security holes. Then, just when they are about to succeed, WordPress rolls out a better, improved version that sends them back to a steeper learning curve. To this end, you simply need to be running the newest version to at least keep away from hack attempts that rely on common security holes.

Monitor Malware

Have you ever gotten the “unsafe” message when trying to access a website you may have been using before? I got such messages on people’s sites but was never as startled as I was when it greeted me on a client’s blog that I personally maintain. The answer was simple: it was infected, and within the next few days we lost a lot of traffic because nobody would love browsing an infected site.

It is therefore pertinent that you find a means to monitor and consistently scan your WordPress blog for malware infections. If you are not tech-inclined, don’t choose a tool that only shows you the problem you are having; choose one that also guides you through solving it and putting an end to it.

Install and Use WordPress Security Plugins

There are certain plugins that will help make your blog safer by implementing certain security measures. Here are those I would suggest:

  • WP Security Scan – this plugin will scan your WordPress installation to identify weaknesses that may give hackers a head start, and suggest the actions needed to fix them and make your site less vulnerable. For instance, if your blog is revealing the location of important files and folders, such as phpinfo.php, i.php files or .sql database backup files, this plugin will help you identify and fix this before it escalates.

Similarly, the WordPress Exploit Scanner plugin will scan your site and alert you to problem areas, giving you first-hand information on which security holes may be open to exploitation.

  • WordPress File Monitor – this plugin will keep watch over all your WordPress files and alert you to any changes to them. This is not such a big protection, though, because the deed will have been done before you get the alert. But for minor file changes and those that may not pose such a big harm, File Monitor is good and will help you know when to step up your security measures.
  • Login Lockdown Plugin – in order to give hackers a difficult time trying to access your blog from the login interface, you can use the login lockdown plugin to limit the login attempts. This plugin also has the ability to hide those error messages following invalid login attempts so the hacker stays blinded until he’s timed out.
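
The two file checks described above (leftover files such as phpinfo.php, i.php and .sql backups, and alerts on changed files) can be sketched in a few lines of Python. This is an added example, not code from either plugin; the function names and the sample tree are constructed for illustration.

```python
import hashlib
import os
import tempfile

# Leftover files the article names: phpinfo.php, i.php and .sql database backups.
RISKY_NAMES = {"phpinfo.php", "i.php"}
RISKY_SUFFIXES = (".sql",)

def snapshot(root):
    """Map each file path (relative to root) to the SHA-256 of its contents."""
    hashes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            hashes[os.path.relpath(path, root).replace(os.sep, "/")] = digest
    return hashes

def risky_files(hashes):
    """Paths that should not sit in a web-readable directory."""
    return sorted(p for p in hashes
                  if p.rsplit("/", 1)[-1].lower() in RISKY_NAMES
                  or p.lower().endswith(RISKY_SUFFIXES))

def diff(baseline, current):
    """Report files added, removed or modified since the baseline snapshot."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in set(baseline) & set(current)
                           if baseline[p] != current[p]),
    }

def demo():
    """Audit a constructed tree standing in for a WordPress install."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "wp-content"))
        for rel, body in (("index.php", "<?php // front page"),
                          ("phpinfo.php", "<?php phpinfo();"),
                          ("wp-content/backup.sql", "-- constructed dump")):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(body)
        baseline = snapshot(root)  # keep the real baseline outside the web root
        with open(os.path.join(root, "index.php"), "a") as fh:
            fh.write(" // later edit")
        with open(os.path.join(root, "wp-content", "new.php"), "w") as fh:
            fh.write("<?php // unexpected file")
        return risky_files(baseline), diff(baseline, snapshot(root))
```

A change report like this only tells you after the fact, as noted above, so it is most useful when the baseline is taken right after a clean install or update.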
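
The login-limiting idea can be shown the same way. The sketch below is an added example and not the Login Lockdown plugin's code; the class name, the thresholds (3 failures in 5 minutes, 1 hour lockout) and the sample IP address are assumptions chosen for illustration.

```python
import time

class LoginThrottle:
    """Lock out a client IP after too many failed logins inside a time window."""

    # One message for bad username, bad password and lockout, so the
    # response does not tell a guesser which part was wrong.
    GENERIC_ERROR = "Login failed."

    def __init__(self, max_attempts=3, window=300, lockout=3600, clock=time.time):
        self.max_attempts, self.window, self.lockout = max_attempts, window, lockout
        self.clock = clock
        self.failures = {}      # ip -> timestamps of recent failed attempts
        self.locked_until = {}  # ip -> time at which the lockout ends

    def is_locked(self, ip):
        return self.clock() < self.locked_until.get(ip, 0)

    def attempt(self, ip, credentials_ok):
        """Return (allowed, message); credentials are ignored during a lockout."""
        now = self.clock()
        if self.is_locked(ip):
            return False, self.GENERIC_ERROR
        if credentials_ok:
            self.failures.pop(ip, None)
            return True, "OK"
        recent = [t for t in self.failures.get(ip, []) if now - t < self.window]
        recent.append(now)
        self.failures[ip] = recent
        if len(recent) >= self.max_attempts:
            self.locked_until[ip] = now + self.lockout
            self.failures.pop(ip, None)
        return False, self.GENERIC_ERROR

def demo():
    """Constructed sequence: three bad guesses, a correct one during lockout, then after."""
    now = [1000.0]
    throttle = LoginThrottle(clock=lambda: now[0])
    results = []
    for ok in (False, False, False, True):
        results.append(throttle.attempt("203.0.113.7", ok)[0])
        now[0] += 10
    now[0] += 3600  # the lockout has expired by now
    results.append(throttle.attempt("203.0.113.7", True)[0])
    return results
```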

Over to you now…

…have you taken any security measures this year to help protect your blog? Is any of what you did contained in the list above? If not, please share with us so we can all have a hack-free year.

Image Credit: adopus

Article by Steven Papas


  • psdtohtmlexpert January 26, 2013, 12:59 pm

    Yes, you are right. And the Bullet proof seems to work best among the rest of the security available. Whether the website is a WordPress blog or a CMS, security plugins are important.

    • steven January 28, 2013, 1:36 am

      Thanks mate! It seems we share the same idea on this. I think anybody that runs a blog must have some effective security measures in place. And using security plugins is among the easiest steps we can all take to improve the security of our blogs.

  • bhavesh January 26, 2013, 10:28 pm

    Security is really very important..

    • steven January 28, 2013, 1:37 am

      I am glad you enjoyed the post, Bhavesh!

  • Arun February 7, 2013, 12:23 am

    Thanks for the post. In my experience, my Joomla site got hacked 3-4 times last year because of wrong file permissions and an insecure plugin which had a backdoor.

  • logodesign February 26, 2013, 2:40 am

    I have two blogs on WordPress and both have good page rank and traffic. It will be terrible for me if my blog is hacked one day. In this scenario your post is very helpful for understanding the technicalities of WordPress blog security.

  • Lorenzo C. April 9, 2013, 9:16 pm

    Limit Login Attempts is another plugin that can help improve the security of your WordPress blog. It protects against brute force attacks by temporarily blocking IP addresses that have too many failed attempts to login.