Post-Thumbnail

As most of you might have noticed, Creativeoverflow was hacked Friday morning 11th of December. It took me a entire day to get everything back up to date and working correctly again but, everything is back to normal now though. I decided to write this article to help you protect yourself from being hacked or anything in that line.

This post will share some information regarding the usual threats that we bloggers receive and what we can use to prevent future attacks and hacks. Let’s not sit around for too much longer and get going.

Securing Your WordPress Blog

Their are numerous ways to approach a security situation but, working with wordpress their are usually a few threats that will come up first.

They used a Bruteforce Attack to gain access.

They gained access through phishing your info.

They register themselves and work up from there.

There are a few ways they can really gain access to your blog. Technology is getting so advanced that a lot of the hackers don’t have to do hacking themselves anymore they have programs doing it for them. Let’s look at the solutions to use to secure your wordpress blog.

1. WP Security Scan

This plugin scans your entire site for security issues and checks passwords, folder/file permissions, database security, WP version hiding and WP admin protection and security. Don’t use if you have a weak heart, you could get a fright.

Link - http://wordpress.org/extend/plugins/wp-security-scan/

 

2. WordPress Database Backup

This is one of the plugins that you should almost have installed before you even think of installing your new theme. This plugin does exactly what the name says it does, it makes a entire backup of your wordpress content and can easily be managed. The content can either be backedup to a harddrive, server or even a email address. If its a hacker that crashes your WP installion or yourself, this plugin will restore it to its previous greatness.

Link - http://www.ilfilosofo.com/blog/wp-db-backup/ 

 

3. Replace WP-Version

We all know by showing our WP versions we are more likely to be attacked by hackers. This plugins resolves the issue though. If you’re running a older version of wordpress anyone can view the source and then contemplate on what attacks might work against the installed version of wordpress. This plugin replaces the Version cue with a generated string which resolves the issue of showcasing your version.

Link - http://wordpress.org/extend/plugins/replace-wp-version/#post-2859

 

4. WP Spam-Free

Some say this plugin is better than Akismet but, I think it all depends on users choice for which plugin they want to use. I just wish there was a way to stop spammers in general, then we wont have to clean out our spam boxes with so much wasted comments everyday.

Link - http://www.hybrid6.com/webgeek/plugins/wp-spamfree

 

5. AskApache Password Protect

This plugin secures your WP Admin panel with a very powerful htaccess password protection, preventing all unwanted guests and bots to gain access to your site.

Link - http://www.askapache.com/wordpress/htaccess-password-protect.html

 

6. Login Lockdown

Login Lockdown records the IP address and timestamp of every failed WordPress admin login attempt. After a certain number of attempts that are detected within a short period of time from the same IP range,  the login function is disabled for all requests from that range. You can find locked out IP ranges manually from the panel.

Link - http://www.bad-neighborhood.com/login-lockdown.html

 

7. Angsuman’s WordPress Guard Plugin

A must-have WordPress security plugin (compatible with all versions of WordPress) that protects the vulnerable areas of your blog from outside access with an additional layer of security.

Link - http://www.taragana.com/products/free-wordpress-plugins/wordpress-guard-plugin

 

8. Admin SSL

This plug-in will work with both the private and shared SSL connections and it will force a SSL connection in every page where password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page.

Link - http://wordpress.org/extend/plugins/admin-ssl-secure-admin/

 

9. Stealth Login

Stealth Login obfuscates your login page by allowing you to define a custom login page rather than the default wp-login.php. In the event that your password is leaked, the hacker will also have a hard time finding the correct login URL. A good use of this is to prevent any malicious bots from accessing your wp-login.php file and attempting to break in.

Link - http://wordpress.org/extend/plugins/stealth-login/

 

10. Tips To Stay Protected

  • Always keep your plugins updated
  • Make sure you backup your databases regulary
  • Always have the latest version of WordPress Installed
  • Protect your blog with a solid Password.

Link - http://www.blogherald.com/2007/05/08/protect-your-blog-with-a-solid-password/

Be sure to protect your blog unless you want to be attacked at some stage, I highly doubt that anyone does.

Buffer
About the Author:
Jacques is the CEO and Founder of the An1ken Group. Connect with him: Jacquesvh.com - @Jacquesvh - Facebook - Instagram - Pinterest - Google+
  • Pingback: Tweets that mention How To Fully Secure Your Wordpress Blog | Creativeoverflow -- Topsy.com()

  • http:///www.thisisinspired.com ThisIsInspired

    Jacques I was shocked to see that happened. I’m glad you’re back up, and have locked things down better. :)

    I don’t know why they would target CreativeOverflow in the first place; it’s a place for learning, not anarchy.

  • http://davidwoodfx.blogspot.com David W.

    Glad the site is back up and fixed. Hackers are a pain aren’t they? Thanks for the great security tips and I hope it doesn’t happen again. :)
    .-= David W.´s last blog ..Doctor Who wallpaper =-.

    • http://www.keepmeinspired.co.uk/ hair care

      Let’s just hope it doesn’t happen again!

  • Pingback: uberVU - social comments()

  • http://skillz-community.net/blog Shurandy Thode

    Thankx bro great tips and great round up! And yes hackers are pain!
    .-= Shurandy Thode´s last blog ..Favorite Caricature of 2009 – #1 [Digg] =-.

  • Derek Land

    You have some good plugins listed above. I’ve already implemented a few myself.

    Thanks!

  • http://ebiene.de Sergej Müller

    My free and effective antivirus plugin for WordPress: http://wpantivirus.com

  • http://designinformer.com Design Informer

    Hey Jacques, glad that you are all back up. Let this be a lesson to everyone.

    I myself have already installed a lot of these plugins. Thanks for the tips bro. You’re very fortunate that you recovered everything, other blogs can’t say the same.
    .-= Design Informer´s last blog ..Gloss’d – A Free Icon Set =-.

  • Pingback: How To Fully Secure Your Wordpress Blog | Creativeoverflow()

  • http://www.bloggerden.com/ Blogger Den

    These are some amazing tips, really great for anybody running a WordPress blog! I’ll have to submit this over to Blogger Den, it’s great to share with the blogging community
    .-= Blogger Den´s last blog ..A Review of Social News Site Mixx =-.

  • Pingback: Roundup of Fresh Wordpress Tutorials | Programming Blog()

  • Pingback: video | ClickLogin Web Design()

  • http://digitalartempire.com/ Benjamin

    good post cheers thers apache wp security plugin thats pretty awesome seems to cover everything
    .-= Benjamin´s last blog ..8 Free Excellent Xmas Brushes [2] =-.

    • http://creativeoverflow.net Jacques van Heerden

      Glad you liked the post :)

  • http://www.inexpensivegiftsformen.net/ Darvin @ Inexpensive Gifts for Men

    Thank you so much for this post. I am new to blogging, and I have been slowly learning about different types of security plugins, but yours is the first post I’ve found that pulls it all together for me.

    I’m bookmarking your site now!
    .-= Darvin @ Inexpensive Gifts for Men´s last blog ..Romantic Christmas Gifts for Men =-.

  • http://www.bookbg.net johndaddy332

    How to protect download links in wordpress??????

  • http://www.greenandchic.com/blog Carla

    Thank you for the tips and info. I think the hardest thing for me is to keep my blog updated. For some reason, I am never able to update automatically (always have to do it manually in cpanel) and I end up screwing something up. I wish there wasn’t so many updates!

  • http://www.ImEnk.com Enk.

    Some awesome Plugins listed there.. to be frank I didn’t knew all of em ! :)

  • Pingback: dot Blog. The week in links 21/12/09()

  • http://www.cartuningguide.com Car Tuning

    I once got hacked and your post has given me some insights into how people do this. I think the biggest risk is from automated hack attacks.

    I would like to run the latest wordpress version but sadly they are never completly stable. I tend to stay one or two updates back.

    I do feel safer now having applied your tips.
    .-= Car Tuning´s last blog ..Welcome to the car tuning website =-.

  • http://side22.com Harry

    Hi Jacques. Thanks for huge tips for securing wp. Number 5 will be great for me, Hopefully.
    .-= Harry´s last blog ..5+ Cara Optimasi CSS =-.

  • http://buildingmaterials.co.uk/store/product_info.php?products_id=769 access panel

    This post can help a lot to WP users. Thanks for posting this.

  • http://tutorijali.hdonweb.com/ Tutorijali HDonWEB

    Great tips :-) bookmarked
    .-= Tutorijali HDonWEB´s last blog ..TwitteRSS na?in pra?enja RSSa =-.

  • http://www.4writers.net Lucy21Mn

    This is surely nice that you spread the great facts connecting to this good post, hence, I suggest to take the assistance from the freelance writers .

  • Pingback: How To Fully Secure Your Wordpress Blog | Creativeoverflow | WpMash - WordPress News()

  • http://www.ermankuzu.com erman kuzu

    You are writing a very nice article. Thank you

  • http://www.shoppinghermes.com hermes kelly bag

    […] Originally posted here: How To Fully Secure Your WordPress Blog | Creativeoverflow […]

    Reply

  • http://www.myhappytel.com.au My Happy Tel

    This is a great piece, I never thought I’d get hack on my own blog but you can never be too sure these days.

  • http://www.essaybank.com/ Essay Writing UK

    I do have a blog and it surely in need to this kind of steps in securing my blog. Thanks for the information and tips you shared in here.

  • http://www.m-akif.net M.Akif

    Nice thnx man.

  • http://ygskatsayi.blogcu.com/ ygskatsayi

    thanks admin

  • http://www.myguncel.com MyGüncel

    Such issues will follow with interest, I thank you for the topic

  • http://www.kimyaturk.org/ chemistry

    Thanks for the information and tips you shared in here.

  • http://www.ingilizcedersanesi.com english

    thank you. great comment about working wordpress, setup backup and others.

  • http://www.filmindirr.net hasan

    Be sure to protect your blog unless you want to be attacked at some stage

  • http://www.sinematv.org sinematv

    this article is very good thank you.

  • http://www.cvornekleri.tk cv örnekleri

    thanks for article. especially spam comments are trouble

  • http://www.hazarkent.com.tr/ Hazar

    Thank you by admin nice.

  • http://www.resimpaylas.org Resim Payla?

    Yeah Blog this is blog beatiful because here good owner.

  • http://www.izle5.net Video Klip izle

    nice site

  • http://freecardsharingme.blogspot.com cardsharing

    I’m only looking for basic instructions on how to change some of these things. I noticed that there is a menu that looks a bit like MS Word. However, there are a few things that I cannot find. Do you know of a written instructional document that I can use to make some basic changes to WP?

  • http://www.avsaadasi.cc av?a adas?

    Good work my friend.Thank you very much

  • http://www.ismailyuksel.com edius dersleri

    thanks post

  • http://www.akek.net/ akek

    your this one is nice too :) thank’s

  • http://www.bilisimforum.org nurettin

    The cache thing is a general problem for any other than (x)html outputs…

  • http://bilgibank.tk/wordpress/ Bilgi

    Thanks a lot in this business startup I have to write a new narrative was a good

  • http://www.oyuntc.com/oyna/mankenoyunlari/ manken oyunlar?

    thank you admin. good post.

  • http://www.pimapenci.com pimapen

    Well that was much simpler than I was expecting. Thanks!

  • http://bilgibank.tk/wordpress/ bilgi

    thanks a lot my friend I would very much like I always had a useful article would like to see us in writing

  • http://www.kemiksiz.net kemiksiz

    A Beautiful post thanx for the information

  • http://www.imtihan.org Kpss Puan Hesaplama

    I want to update my wp-blog, this post is useful for me. Thanks ;)

  • http://www.sinavahazirol.com simao

    Thanks for post! i want to create a wordpress blog

  • http://www.logomatik.net logo

    thanks post

  • http://www.keyifoyun.com oyun

    thahnks you blog

  • http://runningclotheswomen.info running clothes for women

    I am joyful to find so numerous practical information now inside the post, we need build up additional methods in this regard, thanks for sharing

  • http://www.perfilgeek.com Edwin Sandoval

    Hey Jacques, I have been in the same troubles like you, and I write a bash script that let me to automatizate my dairy data backups from another server, I want to share it with your readers:

    http://www.perfilgeek.com/2010-08-30/respalde-de-forma-eficiente-sus-bases-de-datos-mysql/

    Greetings From Chihuahua, Mexico.

  • Pingback: I Love Money 4 Open Thread – Episode 8 | Hollywood Freedom()

  • http://www.blazewebstudio.co.za/marketing_guide Geoffrey Gordon

    Thanks really need this one, two of my clients blogs have been hacked recently this, will help me tighten security.

  • http://www.b2bcm.co.uk Myles Winstone

    A very useful post, thanks. Another plug-in worth mentioning is Secure WordPress which combines several security options together.

    As for stopping spam, we’ve found that SI CAPTCHA Anti-Spam is a great plug-in for adding an CAPTCHA form and helps prevent spam.

  • http://www.thedphoto.com/ Diana Eftaiha

    great list. i have almost all of these already. would you please update this post to a more recent one that touches on newer vulnerabilities and plugins?

  • DougScott

    i used wordpress since i was in high school and honestly i encountered some security problems until today. thank you for sharing this one. from now on, there will be no apprehensions at all. Online Education

  • http://rolling-webdesign.com Theo

    Great and useful article some plugins mentioned here are new to me, thanks!

  • http://diaperscaddy.blogspot.com Diaper Caddy

    Thanks so much for posting this article, i found it very helpful

    Thanks again.

  • http://boosterbath.com/ dog bathing

    I always enjoy reading such posts which provide knowledge based information like this blog. Keep it up.

  • http://www.waterslide-repairs.com/ Water Park Maintenance

    The technology become a part in our life because we sit our
    home can be do online shopping and book the flooring online so nice services
    for the customer. IT is nice facility give also.

     

  • http://www.ihhermesbags.com/ ihhermesbags

    Very creative!! Thanks
    http://www.ihhermesbags.com