How To Protect Your Blog From Hacking Attempts
July 28th, 2010
As the famous saying goes, “Security is only as strong as its weakest link.” Security is essential, especially for anything you do online. A single weak link can be used to compromise all your hard work and even your online identity. With WordPress being used as a CMS solution for most of the blogs out there, we present a comprehensive list of tips, tricks and measures that you should take so that you never get hacked.
Always Keep Your WordPress Updated
WordPress is an open source, GPL-licensed blogging platform that has become the de facto standard for bloggers in recent years. Since it was developed by the WordPress community, security holes are often found and reported back to the community. The community patches these holes and releases a new version of WordPress. Updating your WordPress install to the latest available version automatically secures you against security flaws in the earlier versions.
Using a Strong Password
Needless to say, you should always have a very strong password for your blogging account. Don’t include dictionary words in your passwords as they can easily be cracked using brute force methods. Here are some tips on choosing strong passwords:
- 1. Do not include dictionary words
- 2. Do not use your birth date or phone number as a password. They are fairly easy to guess
- 3. Use a combination of upper and lower case letters
- 4. Use a combination of letters, numbers and signs
- 5. Always make sure you have an alphanumeric combination in your passwords
Take Regular Backups of Your Databases
Precaution is better than cure. So, make it a habit to take regular backups of your databases. The database is where everything about your blog is stored. If you have a backup, you’ll never lose anything regardless of what happens to the blog. A backup also lets you restore the blog to an earlier point in time in case anything bad happens. You can use the WP-DB-Backup plugin to make this task easier.
Hide Your WordPress Version
Often, a malicious hacker simply scans blogs with a script that searches for older, unpatched WordPress installs. If you didn’t get time to update your WordPress install, you may fall into the trap, since you have an older install with possibly open security holes. To combat this situation, you should always delete the meta version line from the header.php file inside your WordPress install.
Double Check Your File Permissions
Incorrect file permissions are the most widely used exploit by malicious users and hackers who are trying to take down your blog. A single incorrect file permission may leave a sensitive directory exposed and, ultimately, lead to your blog being hacked. So, it’s always recommended that you have the correct permissions set on each and every file in your blog installation. Some files are meant to be public and some are not.
Preventing Brute Force Attacks
Brute forcing is a technique that is used by hackers to take down your account. In brute forcing, every possible password combination from a defined dictionary is tried. To prevent this, the best option is having a really strong password. In addition to that, you can limit the login attempts to your blog’s admin area with the Login Lockdown plugin. This will not only ensure that you don’t fall prey to a hacking attempt, but will also limit the number of attempts used to get access to the admin area.
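To see whether login guessing is already happening, you can count failed logins per client in the web server's access log. The script below is an added example, not part of the original article or of any plugin. The function names and log lines are constructed, and it assumes the "combined" log format and that WordPress answers a failed login with status 200 and a successful one with a 302 redirect.

```shell
#!/bin/sh
# Constructed sample of a "combined" format access log (documentation-range
# IP addresses, not real traffic).
sample_log() {
cat <<'EOF'
203.0.113.7 - - [28/Jul/2010:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [28/Jul/2010:10:00:02 +0000] "POST /wp-login.php HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [28/Jul/2010:10:00:03 +0000] "POST /wp-login.php HTTP/1.1" 200 2301 "-" "-"
203.0.113.7 - - [28/Jul/2010:10:00:04 +0000] "POST /wp-login.php HTTP/1.1" 200 2301 "-" "-"
198.51.100.20 - - [28/Jul/2010:10:05:10 +0000] "GET /wp-login.php HTTP/1.1" 200 1890 "-" "-"
198.51.100.20 - - [28/Jul/2010:10:05:20 +0000] "POST /wp-login.php HTTP/1.1" 200 2301 "-" "-"
198.51.100.20 - - [28/Jul/2010:10:05:31 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "-"
EOF
}

# failed_login_offenders LIMIT < access.log
# Prints "IP COUNT" for every client with more than LIMIT failed logins.
failed_login_offenders() {
  awk -v limit="$1" '
    {
      path = $7
      sub(/\?.*/, "", path)            # ignore any query string
    }
    # $6 is the quoted method, $9 the status code.
    # Assumption: 200 on a POST means the login form was shown again (failure).
    $6 == "\"POST" && path == "/wp-login.php" && $9 == 200 { fails[$1]++ }
    END { for (ip in fails) if (fails[ip] > limit) print ip, fails[ip] }
  ' | sort
}

# Report clients with more than 3 failed logins in the sample.
sample_log | failed_login_offenders 3
```

On a live server, feed the function the real access log instead of the sample and choose a limit that matches the lockout threshold you configured.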
Protect Your Configuration File
As a matter of fact, WordPress stores all your details, including your username and password, in plain text in the wp-config.php file in the directory. Now, if you have incorrect file permissions set, this sensitive information may be out in public. To make sure that doesn’t happen, at least for this file, you can put this piece of code in your .htaccess file:
# Deny all web requests for wp-config.php
<files wp-config.php>
order allow,deny
deny from all
</files>
This blocks web access to the file and will prevent anyone from viewing it through the web server.
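The checks from "Double Check Your File Permissions" and from this section can be scripted. The following is an added example, not code from the original article: the function names are hypothetical, the demo tree is constructed in a temporary directory, and mode 600 for wp-config.php assumes PHP runs as the file's owner.

```shell
#!/bin/sh
# audit_wp_perms DIR: print one finding per line; no output means no findings.
audit_wp_perms() (
  cd "$1" || exit 1
  # Files or directories writable by "other" can be changed by any local account.
  find . ! -type l -perm -0002 | sort | sed 's/^/WORLD-WRITABLE /'
  # wp-config.php holds the credentials: "other" needs no access at all.
  if [ -n "$(find wp-config.php \( -perm -0004 -o -perm -0002 -o -perm -0001 \) 2>/dev/null)" ]; then
    echo "CONFIG-EXPOSED ./wp-config.php"
  fi
  # Is the <files wp-config.php> deny block from the article present?
  if ! grep -Eqi '<files[[:space:]]+"?wp-config\.php' .htaccess 2>/dev/null; then
    echo "NO-HTACCESS-RULE ./.htaccess"
  fi
)

# Constructed demo tree with deliberately weak modes (not a real site).
make_demo_site() {
  mkdir -p "$1/wp-content/uploads"
  echo '<?php // placeholder' > "$1/index.php"
  echo '<?php // constructed placeholder, no real credentials' > "$1/wp-config.php"
  chmod 755 "$1" "$1/wp-content"
  chmod 644 "$1/index.php" "$1/wp-config.php"
  chmod 777 "$1/wp-content/uploads"
}

# Corrected state. Assumption: PHP runs as the file owner, so 600 is enough.
harden_demo_site() {
  chmod 755 "$1/wp-content/uploads"
  chmod 600 "$1/wp-config.php"
  printf '%s\n' '<files wp-config.php>' 'order allow,deny' \
    'deny from all' '</files>' > "$1/.htaccess"
  chmod 644 "$1/.htaccess"
}

demo=$(mktemp -d)
make_demo_site "$demo"
echo "before:"; audit_wp_perms "$demo"
harden_demo_site "$demo"
echo "after:";  audit_wp_perms "$demo"
rm -rf "$demo"
```

Run audit_wp_perms against your own install directory; an empty result means none of the three conditions was found.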
Use WordPress AntiVirus
AntiVirus is a free and very useful WordPress security plugin that helps you protect your blog from all possible virus infections. It has many special features that constantly scan and check your blog for virus infections and send an email alert if they find anything malicious.
Conclusion
Today, we discussed all the possible measures that you can take to make sure that your blog never gets hacked. Do let us know if you find our tips and tricks useful. Also, if you have any other tips and tricks on how to prevent your blog from hacking attempts, we would love to hear them.
Rishabh Agarwal is an Engineering student from India. In addition to that, he’s also a passionate Photographer, a Musician and a Web Designer. He writes about technology on his blog, TechyLabs, and Photography on ShutterSkills. Follow him on Twitter: @rish404.
Nice article! Another trick to increase WordPress security is to use a WordPress plug-in to change the login URL.
Very helpful article. Not only use a strong password but change your password regularly as well. Thanks for sharing this! Cheers
Thanks for the tips! I’ll definitely use them
Thank you for the insightful info, Rishabh. I was not even aware that an Antivirus Plugin even existed for WordPress.
Something I must definitely give closer attention towards.
This was an eye-opening article to say the least!
I thank you!
M.
P.S.: Ironically, after reading this post – my friend's site got hacked.
Now I'm directing him to this article & hope that others will take steps in protecting their sites as well from malicious hackers out there.
Good read. I always preach security through obscurity.
Awesome list. I also recommend using “Simple Trackback Validation”, which is great for verifying trackbacks.
http://sw-guide.de/wordpress/plugins/simple-trackback-validation/
My blog was hacked just an hour ago. Thanks to phpMyAdmin, through which I changed my password and got access back to my blog. Now I will definitely have a very, very strong password for my blog. Thanks for your tips.
Thanks for the tips. It's worth reading, really.
I care more about security of my blog than anything.
Cheers.
- Robin
Very interesting article, this is really great info. I will have to keep it in mind when building my next blog.
I got my blog hacked today and it made me really worried, but thanks for all your helpful tips. I will try my best to adopt the preventive measures mentioned by you. Thanks.
Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an “art” form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.
Re Ethical Hacking Forum comment – There is nothing Ethical about Hacking it is a nuisance we can all do without!
These are very helpful tips! I have to keep out those hackers!