default-featured-image-COF

How To Fully Secure Your WordPress Blog

As most of you might have noticed, Creativeoverflow was hacked Friday morning 11th of December. It took me a entire day to get everything back up to date and working correctly again but, everything is back to normal now though. I decided to write this article to help you protect yourself from being hacked or anything in that line.

This post will share some information regarding the usual threats that we bloggers receive and what we can use to prevent future attacks and hacks. Let’s not sit around for too much longer and get going.

Securing Your WordPress Blog

Their are numerous ways to approach a security situation but, working with wordpress their are usually a few threats that will come up first.

They used a Bruteforce Attack to gain access.

They gained access through phishing your info.

They register themselves and work up from there.

There are a few ways they can really gain access to your blog. Technology is getting so advanced that a lot of the hackers don’t have to do hacking themselves anymore they have programs doing it for them. Let’s look at the solutions to use to secure your wordpress blog.

1. WP Security Scan

This plugin scans your entire site for security issues and checks passwords, folder/file permissions, database security, WP version hiding and WP admin protection and security. Don’t use if you have a weak heart, you could get a fright.

Link – http://wordpress.org/extend/plugins/wp-security-scan/

 

2. WordPress Database Backup

This is one of the plugins that you should almost have installed before you even think of installing your new theme. This plugin does exactly what the name says it does, it makes a entire backup of your wordpress content and can easily be managed. The content can either be backedup to a harddrive, server or even a email address. If its a hacker that crashes your WP installion or yourself, this plugin will restore it to its previous greatness.

Link – http://www.ilfilosofo.com/blog/wp-db-backup/ 

 

3. Replace WP-Version

We all know by showing our WP versions we are more likely to be attacked by hackers. This plugins resolves the issue though. If you’re running a older version of wordpress anyone can view the source and then contemplate on what attacks might work against the installed version of wordpress. This plugin replaces the Version cue with a generated string which resolves the issue of showcasing your version.

Link – http://wordpress.org/extend/plugins/replace-wp-version/#post-2859

 

4. WP Spam-Free

Some say this plugin is better than Akismet but, I think it all depends on users choice for which plugin they want to use. I just wish there was a way to stop spammers in general, then we wont have to clean out our spam boxes with so much wasted comments everyday.

Link – http://www.hybrid6.com/webgeek/plugins/wp-spamfree

 

5. AskApache Password Protect

This plugin secures your WP Admin panel with a very powerful htaccess password protection, preventing all unwanted guests and bots to gain access to your site.

Link – http://www.askapache.com/wordpress/htaccess-password-protect.html

 

6. Login Lockdown

Login Lockdown records the IP address and timestamp of every failed WordPress admin login attempt. After a certain number of attempts that are detected within a short period of time from the same IP range,  the login function is disabled for all requests from that range. You can find locked out IP ranges manually from the panel.

Link – http://www.bad-neighborhood.com/login-lockdown.html

 

7. Angsuman’s WordPress Guard Plugin

A must-have WordPress security plugin (compatible with all versions of WordPress) that protects the vulnerable areas of your blog from outside access with an additional layer of security.

Link – http://www.taragana.com/products/free-wordpress-plugins/wordpress-guard-plugin

 

8. Admin SSL

This plug-in will work with both the private and shared SSL connections and it will force a SSL connection in every page where password can or has to be entered. It is very helpful to protect the admin area, posts and all the pages of your WordPress installation and secure the login page.

Link – http://wordpress.org/extend/plugins/admin-ssl-secure-admin/

 

9. Stealth Login

Stealth Login obfuscates your login page by allowing you to define a custom login page rather than the default wp-login.php. In the event that your password is leaked, the hacker will also have a hard time finding the correct login URL. A good use of this is to prevent any malicious bots from accessing your wp-login.php file and attempting to break in.

Link – http://wordpress.org/extend/plugins/stealth-login/

 

10. Tips To Stay Protected

  • Always keep your plugins updated
  • Make sure you backup your databases regulary
  • Always have the latest version of WordPress Installed
  • Protect your blog with a solid Password.

Link – http://www.blogherald.com/2007/05/08/protect-your-blog-with-a-solid-password/

Be sure to protect your blog unless you want to be attacked at some stage, I highly doubt that anyone does.

Jacques is a Serial Entrepreneur and Founder of the An1ken Group. He started Creativeoverflow in 2009 as a hub for creatives. Connect with him: Jacquesvh.com - @Jacquesvh - Facebook - Instagram - Pinterest - Google+

59 Comments
  1. Reply ThisIsInspired December 12, 2009 at 2:16 PM

    Jacques I was shocked to see that happened. I’m glad you’re back up, and have locked things down better. :)

    I don’t know why they would target CreativeOverflow in the first place; it’s a place for learning, not anarchy.

  2. Reply David W. December 12, 2009 at 2:41 PM

    Glad the site is back up and fixed. Hackers are a pain aren’t they? Thanks for the great security tips and I hope it doesn’t happen again. :)
    .-= David W.´s last blog ..Doctor Who wallpaper =-.

    • Reply hair care October 3, 2011 at 3:29 PM

      Let’s just hope it doesn’t happen again!

  3. Reply Shurandy Thode December 12, 2009 at 4:01 PM

    Thankx bro great tips and great round up! And yes hackers are pain!
    .-= Shurandy Thode´s last blog ..Favorite Caricature of 2009 – #1 [Digg] =-.

  4. Reply Derek Land December 12, 2009 at 4:36 PM

    You have some good plugins listed above. I’ve already implemented a few myself.

    Thanks!

  5. Reply Sergej Müller December 12, 2009 at 4:55 PM

    My free and effective antivirus plugin for WordPress: http://wpantivirus.com

  6. Reply Design Informer December 12, 2009 at 6:38 PM

    Hey Jacques, glad that you are all back up. Let this be a lesson to everyone.

    I myself have already installed a lot of these plugins. Thanks for the tips bro. You’re very fortunate that you recovered everything, other blogs can’t say the same.
    .-= Design Informer´s last blog ..Gloss’d – A Free Icon Set =-.

  7. Reply Blogger Den December 12, 2009 at 10:52 PM

    These are some amazing tips, really great for anybody running a WordPress blog! I’ll have to submit this over to Blogger Den, it’s great to share with the blogging community
    .-= Blogger Den´s last blog ..A Review of Social News Site Mixx =-.

  8. Reply Benjamin December 17, 2009 at 6:54 PM

    good post cheers thers apache wp security plugin thats pretty awesome seems to cover everything
    .-= Benjamin´s last blog ..8 Free Excellent Xmas Brushes [2] =-.

  9. Reply Darvin @ Inexpensive Gifts for Men December 21, 2009 at 7:32 PM

    Thank you so much for this post. I am new to blogging, and I have been slowly learning about different types of security plugins, but yours is the first post I’ve found that pulls it all together for me.

    I’m bookmarking your site now!
    .-= Darvin @ Inexpensive Gifts for Men´s last blog ..Romantic Christmas Gifts for Men =-.

  10. Reply johndaddy332 December 27, 2009 at 3:42 PM

    How to protect download links in wordpress??????

  11. Reply Carla December 28, 2009 at 5:13 AM

    Thank you for the tips and info. I think the hardest thing for me is to keep my blog updated. For some reason, I am never able to update automatically (always have to do it manually in cpanel) and I end up screwing something up. I wish there wasn’t so many updates!

  12. Reply Enk. December 29, 2009 at 12:36 PM

    Some awesome Plugins listed there.. to be frank I didn’t knew all of em ! :)

  13. Reply Car Tuning January 15, 2010 at 10:11 AM

    I once got hacked and your post has given me some insights into how people do this. I think the biggest risk is from automated hack attacks.

    I would like to run the latest wordpress version but sadly they are never completly stable. I tend to stay one or two updates back.

    I do feel safer now having applied your tips.
    .-= Car Tuning´s last blog ..Welcome to the car tuning website =-.

  14. Reply Harry January 23, 2010 at 6:07 PM

    Hi Jacques. Thanks for huge tips for securing wp. Number 5 will be great for me, Hopefully.
    .-= Harry´s last blog ..5+ Cara Optimasi CSS =-.

  15. Reply access panel January 27, 2010 at 3:39 AM

    This post can help a lot to WP users. Thanks for posting this.

  16. Reply Tutorijali HDonWEB January 28, 2010 at 9:25 PM

    Great tips :-) bookmarked
    .-= Tutorijali HDonWEB´s last blog ..TwitteRSS na?in pra?enja RSSa =-.

  17. Reply Lucy21Mn February 3, 2010 at 4:43 AM

    This is surely nice that you spread the great facts connecting to this good post, hence, I suggest to take the assistance from the freelance writers .

  18. Reply erman kuzu June 14, 2010 at 11:26 AM

    You are writing a very nice article. Thank you

  19. Reply hermes kelly bag July 9, 2010 at 9:27 AM

    […] Originally posted here: How To Fully Secure Your WordPress Blog | Creativeoverflow […]

    Reply

  20. Reply My Happy Tel July 27, 2010 at 9:07 AM

    This is a great piece, I never thought I’d get hack on my own blog but you can never be too sure these days.

  21. Reply Essay Writing UK August 26, 2010 at 5:31 AM

    I do have a blog and it surely in need to this kind of steps in securing my blog. Thanks for the information and tips you shared in here.

  22. Reply M.Akif August 28, 2010 at 12:36 AM

    Nice thnx man.

  23. Reply ygskatsayi August 28, 2010 at 4:18 AM

    thanks admin

  24. Reply MyGüncel August 28, 2010 at 11:28 AM

    Such issues will follow with interest, I thank you for the topic

  25. Reply chemistry August 28, 2010 at 12:28 PM

    Thanks for the information and tips you shared in here.

  26. Reply english August 28, 2010 at 1:16 PM

    thank you. great comment about working wordpress, setup backup and others.

  27. Reply hasan August 28, 2010 at 11:00 PM

    Be sure to protect your blog unless you want to be attacked at some stage

  28. Reply sinematv August 29, 2010 at 2:54 PM

    this article is very good thank you.

  29. Reply cv örnekleri August 29, 2010 at 3:05 PM

    thanks for article. especially spam comments are trouble

  30. Reply Hazar August 29, 2010 at 8:01 PM

    Thank you by admin nice.

  31. Reply Resim Payla? August 29, 2010 at 9:50 PM

    Yeah Blog this is blog beatiful because here good owner.

  32. Reply Video Klip izle August 29, 2010 at 10:20 PM

    nice site

  33. Reply cardsharing August 30, 2010 at 1:48 AM

    I’m only looking for basic instructions on how to change some of these things. I noticed that there is a menu that looks a bit like MS Word. However, there are a few things that I cannot find. Do you know of a written instructional document that I can use to make some basic changes to WP?

  34. Reply av?a adas? August 30, 2010 at 7:55 AM

    Good work my friend.Thank you very much

  35. Reply edius dersleri August 30, 2010 at 9:48 AM

    thanks post

  36. Reply akek August 30, 2010 at 3:57 PM

    your this one is nice too :) thank’s

  37. Reply nurettin August 30, 2010 at 8:17 PM

    The cache thing is a general problem for any other than (x)html outputs…

  38. Reply Bilgi August 30, 2010 at 8:47 PM

    Thanks a lot in this business startup I have to write a new narrative was a good

  39. Reply manken oyunlar? August 31, 2010 at 2:17 AM

    thank you admin. good post.

  40. Reply pimapen August 31, 2010 at 4:29 AM

    Well that was much simpler than I was expecting. Thanks!

  41. Reply bilgi September 4, 2010 at 3:08 PM

    thanks a lot my friend I would very much like I always had a useful article would like to see us in writing

  42. Reply kemiksiz September 4, 2010 at 11:22 PM

    A Beautiful post thanx for the information

  43. Reply Kpss Puan Hesaplama September 5, 2010 at 2:04 PM

    I want to update my wp-blog, this post is useful for me. Thanks ;)

  44. Reply simao September 5, 2010 at 10:31 PM

    Thanks for post! i want to create a wordpress blog

  45. Reply logo September 9, 2010 at 9:06 AM

    thanks post

  46. Reply oyun September 15, 2010 at 5:26 PM

    thahnks you blog

  47. Reply running clothes for women September 21, 2010 at 5:12 PM

    I am joyful to find so numerous practical information now inside the post, we need build up additional methods in this regard, thanks for sharing

  48. Reply Edwin Sandoval September 25, 2010 at 7:33 PM

    Hey Jacques, I have been in the same troubles like you, and I write a bash script that let me to automatizate my dairy data backups from another server, I want to share it with your readers:

    http://www.perfilgeek.com/2010-08-30/respalde-de-forma-eficiente-sus-bases-de-datos-mysql/

    Greetings From Chihuahua, Mexico.

  49. Reply Geoffrey Gordon November 15, 2010 at 8:31 AM

    Thanks really need this one, two of my clients blogs have been hacked recently this, will help me tighten security.

  50. Reply Myles Winstone December 9, 2010 at 3:46 PM

    A very useful post, thanks. Another plug-in worth mentioning is Secure WordPress which combines several security options together.

    As for stopping spam, we’ve found that SI CAPTCHA Anti-Spam is a great plug-in for adding an CAPTCHA form and helps prevent spam.

  51. Reply Diana Eftaiha February 1, 2011 at 4:53 PM

    great list. i have almost all of these already. would you please update this post to a more recent one that touches on newer vulnerabilities and plugins?

  52. Reply DougScott February 8, 2011 at 2:38 PM

    i used wordpress since i was in high school and honestly i encountered some security problems until today. thank you for sharing this one. from now on, there will be no apprehensions at all. Online Education

  53. Reply Theo April 21, 2011 at 11:30 PM

    Great and useful article some plugins mentioned here are new to me, thanks!

  54. Reply Diaper Caddy September 27, 2011 at 3:21 PM

    Thanks so much for posting this article, i found it very helpful

    Thanks again.

  55. Reply dog bathing June 1, 2012 at 8:43 AM

    I always enjoy reading such posts which provide knowledge based information like this blog. Keep it up.

  56. Reply Water Park Maintenance June 1, 2012 at 8:51 AM

    The technology become a part in our life because we sit our
    home can be do online shopping and book the flooring online so nice services
    for the customer. IT is nice facility give also.

     

  57. Reply ihhermesbags April 10, 2013 at 11:05 AM

    Very creative!! Thanks
    http://www.ihhermesbags.com

Leave a Reply