This article discusses some measures an ordinary blogger can take to protect his/her WordPress blog. Kindly seat back and read this.
The big question is ‘Why a Blog Is Vulnerable to Hacking and Other Exploits??’
The reason is very simple: you can’t compare your personal computer, which only connects to the Internet sporadically to that of a website which are hosted on computers that are permanently connected (or so one would hope) to the Internet which simply means your blog is exposed to anyone who wanted to connect to it.
Symptoms of a Hacked WordPress Blog
Here are some of the symptoms of a compromised wordpress blog:
The hackers may install some sort of malware that will install on the computers of the blog’s unsuspecting visitors and this can lead to the web being defaced.
As a result of the above point, your blog may be removed by google from their search engine results and hereby leads to traffic plummet. It also has a serious side effects that will cost the blogger considerable effort just to clean up and recover.
Measures to Improve the Security of Your WordPress Blog
Keep Your WordPress and WordPress Plugins Updated to the Latest Version
You’re expected to update your WordPress plugins to latest version especially when it’s a security release, you will have no choice but to upgrade, even if its not a security release you still have to upgrade because New versions often fix holes found in the earlier versions.
Password Protect Your wp-admin Directory
This is different from setting a password for your WordPress user account. When you password protect your wp-admin directory, any attempt to directly load a page from that directory will cause a “401 Unauthorized” error unless a specific user name and password combination is supplied. However, it may help if hackers discover that one of the scripts in the wp-admin directory contains a security hole, and the WordPress developers have not yet issued a fixed version. You will be asked to provide username/password when evere you try to access your wp-admin directory. You can set this through your Hosting account.
Prevent the Listing of Your WordPress Directories
To know whether you need to take this measure, try this experiment. If your blog is located at, say, http://www.example.com/, type http://www.example.com/wp-content/plugins/in your browser. If you see a listing of all the plugins you’ve installed in your blog, this section applies to you because if security exploiter (hackers) to see your list of plugins, it gives them the opportunity to check what you have installed against their own list of plugins (and scripts) known to have security holes. Although preventing the directory listing does not stop them from exploiting those holes, at least you are not advertising your vulnerable scripts to all.
How to Prevent a Directory Listing of Your Website??
This can be done by re-writing your .htaccess.
And lastly, Keep regular backups of your site and database. Atleast if you’re being hacked, you will just have to re-upload your backup. Don’t wait till a disaster strikes to regret that you’ve not backed up anything.