Post-Thumbnail

As most of you might have noticed, Creativeoverflow was hacked Friday morning 11th of December. It took me a entire day to get everything back up to date and working correctly again but, everything is back to normal now though. I decided to write this article to help you protect yourself from being hacked or anything in that line.

This post will share some information regarding the usual threats that we bloggers receive and what we can use to prevent future attacks and hacks. Let’s not sit around for too much longer and get going.

Securing Your WordPress Blog

Their are numerous ways to approach a security situation but, working with wordpress their are usually a few threats that will come up first.

They used a Bruteforce Attack to gain access.

They gained access through phishing your info.

They register themselves and work up from there.

There are a few ways they can really gain access to your blog. Technology is getting so advanced that a lot of the hackers don’t have to do hacking themselves anymore they have programs doing it for them. Let’s look at the solutions to use to secure your wordpress blog.

1. WP Security Scan

This plugin scans your entire site for security issues and checks passwords, folder/file permissions, database security, WP version hiding and WP admin protection and security. Don’t use if you have a weak heart, you could get a fright.

Link - http://wordpress.org/extend/plugins/wp-security-scan/

 

2. WordPress Database Backup

This is one of the plugins that you should almost have installed before you even think of installing your new theme. This plugin does exactly what the name says it does, it makes a entire backup of your wordpress content and can easily be managed. The content can either be backedup to a harddrive, server or even a email address. If its a hacker that crashes your WP installion or yourself, this plugin will restore it to its previous greatness.

Link - http://www.ilfilosofo.com/blog/wp-db-backup/ 

 

3. Replace WP-Version

We all know by showing our WP versions we are more likely to be attacked by hackers. This plugins resolves the issue though. If you’re running a older version of wordpress anyone can view the source and then contemplate on what attacks might work against the installed version of wordpress. This plugin replaces the Version cue with a generated string which resolves the issue of showcasing your version.

Link - http://wordpress.org/extend/plugins/replace-wp-version/#post-2859

 

4. WP Spam-Free

Some say this plugin is better than Akismet but, I think it all depends on users choice for which plugin they want to use. I just wish there was a way to stop spammers in general, then we wont have to clean out our spam boxes with so much wasted comments everyday.

Link - http://www.hybrid6.com/webgeek/plugins/wp-spamfree

 

5. AskApache Password Protect

This plugin secures your WP Admin panel with a very powerful htaccess password protection, preventing all unwanted guests and bots to gain access to your site.

Link - http://www.askapache.com/wordpress/htaccess-password-protect.html

 

6. Login Lockdown

Login Lockdown records the IP address and timestamp of every failed WordPress admin login attempt. After a certain number of attempts that are detected within a short period of time from the same IP range,  the login function is disabled for all requests from that range. You can find locked out IP ranges manually from the panel.

Link - http://www.bad-neighborhood.com/login-lockdown.html

 

7. Angsuman’s WordPress Guard Plugin

A must-have WordPress security plugin (compatible with all versions of WordPress) that protects the vulnerable areas of your blog from outside access with an additional layer of security.

Link - http://www.taragana.com/products/free-wordpress-plugins/wordpress-guard-plugin

 

8. Admin SSL

This plug-in will work with both the private and shared SSL connections and it will force a SSL connection in every page where password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page.

Link - http://wordpress.org/extend/plugins/admin-ssl-secure-admin/

 

9. Stealth Login

Stealth Login obfuscates your login page by allowing you to define a custom login page rather than the default wp-login.php. In the event that your password is leaked, the hacker will also have a hard time finding the correct login URL. A good use of this is to prevent any malicious bots from accessing your wp-login.php file and attempting to break in.

Link - http://wordpress.org/extend/plugins/stealth-login/

 

10. Tips To Stay Protected

  • Always keep your plugins updated
  • Make sure you backup your databases regulary
  • Always have the latest version of WordPress Installed
  • Protect your blog with a solid Password.

Link - http://www.blogherald.com/2007/05/08/protect-your-blog-with-a-solid-password/

Be sure to protect your blog unless you want to be attacked at some stage, I highly doubt that anyone does.

Buffer
About the Author:
Jacques is the CEO and Founder of the An1ken Group. Connect with him: Jacquesvh.com - @Jacquesvh - Facebook - Instagram - Pinterest - Google+

67 Comments so far

  1. [...] This post was mentioned on Twitter by Jacques van Heerden, Sergio Arantes. Sergio Arantes said: How To Fully Secure Your WordPress Blog http://bit.ly/77kiU7 [...]

  2. Jacques I was shocked to see that happened. I’m glad you’re back up, and have locked things down better. :)

    I don’t know why they would target CreativeOverflow in the first place; it’s a place for learning, not anarchy.

  3. David W. says:

    Glad the site is back up and fixed. Hackers are a pain aren’t they? Thanks for the great security tips and I hope it doesn’t happen again. :)
    .-= David W.´s last blog ..Doctor Who wallpaper =-.

  4. Social comments and analytics for this post…

    This post was mentioned on Twitter by An1ken: How To Fully Secure Your WordPress Blog – http://b2l.me/bfg7w

  5. Thankx bro great tips and great round up! And yes hackers are pain!
    .-= Shurandy Thode´s last blog ..Favorite Caricature of 2009 – #1 [Digg] =-.

  6. Derek Land says:

    You have some good plugins listed above. I’ve already implemented a few myself.

    Thanks!

  7. My free and effective antivirus plugin for WordPress: http://wpantivirus.com

  8. Hey Jacques, glad that you are all back up. Let this be a lesson to everyone.

    I myself have already installed a lot of these plugins. Thanks for the tips bro. You’re very fortunate that you recovered everything, other blogs can’t say the same.
    .-= Design Informer´s last blog ..Gloss’d – A Free Icon Set =-.

  9. [...] the original here: How To Fully Secure Your WordPress Blog | Creativeoverflow Comments0 Leave a Reply Click here to cancel [...]

  10. Blogger Den says:

    These are some amazing tips, really great for anybody running a WordPress blog! I’ll have to submit this over to Blogger Den, it’s great to share with the blogging community
    .-= Blogger Den´s last blog ..A Review of Social News Site Mixx =-.

  11. [...] How To Fully Secure Your WordPress Blog [...]

  12. [...] How To Fully Secure Your WordPress Blog [...]

  13. Benjamin says:

    good post cheers thers apache wp security plugin thats pretty awesome seems to cover everything
    .-= Benjamin´s last blog ..8 Free Excellent Xmas Brushes [2] =-.

  14. Thank you so much for this post. I am new to blogging, and I have been slowly learning about different types of security plugins, but yours is the first post I’ve found that pulls it all together for me.

    I’m bookmarking your site now!
    .-= Darvin @ Inexpensive Gifts for Men´s last blog ..Romantic Christmas Gifts for Men =-.

  15. johndaddy332 says:

    How to protect download links in wordpress??????

  16. Carla says:

    Thank you for the tips and info. I think the hardest thing for me is to keep my blog updated. For some reason, I am never able to update automatically (always have to do it manually in cpanel) and I end up screwing something up. I wish there wasn’t so many updates!

  17. Enk. says:

    Some awesome Plugins listed there.. to be frank I didn’t knew all of em ! :)

  18. [...] How To Fully Secure Your WordPress Blog (creativeoverflow?.net) [...]

  19. Car Tuning says:

    I once got hacked and your post has given me some insights into how people do this. I think the biggest risk is from automated hack attacks.

    I would like to run the latest wordpress version but sadly they are never completly stable. I tend to stay one or two updates back.

    I do feel safer now having applied your tips.
    .-= Car Tuning´s last blog ..Welcome to the car tuning website =-.

  20. Harry says:

    Hi Jacques. Thanks for huge tips for securing wp. Number 5 will be great for me, Hopefully.
    .-= Harry´s last blog ..5+ Cara Optimasi CSS =-.

  21. access panel says:

    This post can help a lot to WP users. Thanks for posting this.

  22. Great tips :-) bookmarked
    .-= Tutorijali HDonWEB´s last blog ..TwitteRSS na?in pra?enja RSSa =-.

  23. Lucy21Mn says:

    This is surely nice that you spread the great facts connecting to this good post, hence, I suggest to take the assistance from the freelance writers .

  24. [...] Originally posted here: How To Fully Secure Your WordPress Blog | Creativeoverflow [...]

  25. erman kuzu says:

    You are writing a very nice article. Thank you

  26. [...] Originally posted here: How To Fully Secure Your WordPress Blog | Creativeoverflow [...]

    Reply

  27. My Happy Tel says:

    This is a great piece, I never thought I’d get hack on my own blog but you can never be too sure these days.

  28. I do have a blog and it surely in need to this kind of steps in securing my blog. Thanks for the information and tips you shared in here.

  29. MyGüncel says:

    Such issues will follow with interest, I thank you for the topic

  30. chemistry says:

    Thanks for the information and tips you shared in here.

  31. english says:

    thank you. great comment about working wordpress, setup backup and others.

  32. hasan says:

    Be sure to protect your blog unless you want to be attacked at some stage

  33. sinematv says:

    this article is very good thank you.

  34. thanks for article. especially spam comments are trouble

  35. Hazar says:

    Thank you by admin nice.

  36. Resim Payla? says:

    Yeah Blog this is blog beatiful because here good owner.

  37. cardsharing says:

    I’m only looking for basic instructions on how to change some of these things. I noticed that there is a menu that looks a bit like MS Word. However, there are a few things that I cannot find. Do you know of a written instructional document that I can use to make some basic changes to WP?

  38. av?a adas? says:

    Good work my friend.Thank you very much

  39. akek says:

    your this one is nice too :) thank’s

  40. nurettin says:

    The cache thing is a general problem for any other than (x)html outputs…

  41. Bilgi says:

    Thanks a lot in this business startup I have to write a new narrative was a good

  42. thank you admin. good post.

  43. pimapen says:

    Well that was much simpler than I was expecting. Thanks!

  44. bilgi says:

    thanks a lot my friend I would very much like I always had a useful article would like to see us in writing

  45. kemiksiz says:

    A Beautiful post thanx for the information

  46. I want to update my wp-blog, this post is useful for me. Thanks ;)

  47. simao says:

    Thanks for post! i want to create a wordpress blog

  48. oyun says:

    thahnks you blog

  49. I am joyful to find so numerous practical information now inside the post, we need build up additional methods in this regard, thanks for sharing

  50. Hey Jacques, I have been in the same troubles like you, and I write a bash script that let me to automatizate my dairy data backups from another server, I want to share it with your readers:

    http://www.perfilgeek.com/2010-08-30/respalde-de-forma-eficiente-sus-bases-de-datos-mysql/

    Greetings From Chihuahua, Mexico.

  51. [...] celebrities celebs famous people This entry was posted in Uncategorized. Bookmark the permalink. ← [...]

  52. Thanks really need this one, two of my clients blogs have been hacked recently this, will help me tighten security.

  53. A very useful post, thanks. Another plug-in worth mentioning is Secure WordPress which combines several security options together.

    As for stopping spam, we’ve found that SI CAPTCHA Anti-Spam is a great plug-in for adding an CAPTCHA form and helps prevent spam.

  54. great list. i have almost all of these already. would you please update this post to a more recent one that touches on newer vulnerabilities and plugins?

  55. DougScott says:

    i used wordpress since i was in high school and honestly i encountered some security problems until today. thank you for sharing this one. from now on, there will be no apprehensions at all. Online Education

  56. Theo says:

    Great and useful article some plugins mentioned here are new to me, thanks!

  57. Diaper Caddy says:

    Thanks so much for posting this article, i found it very helpful

    Thanks again.

  58. dog bathing says:

    I always enjoy reading such posts which provide knowledge based information like this blog. Keep it up.

  59. The technology become a part in our life because we sit our
    home can be do online shopping and book the flooring online so nice services
    for the customer. IT is nice facility give also.

     

Have your Say