The previous article in this series on WordPress security focused on the code running your WordPress blog. Here are four more security precautions that you should take to keep your WordPress blog safe.
Use strong passwords
This is an obvious good security practice, but too often forgotten. Make sure all your passwords are strong: your admin account, the ftp account and any other WordPress accounts that have any edit privileges.
There are many online articles about how to select good passwords, so there’s no need to repeat that here. Just ensure that you adhere to the advice contained in these articles and refrain from copying the passwords they list.
Use SCP in lieu of FTP
The availability of good FTP programs makes transferring files to and from your hosting server onto your blog simple and convenient. If you can easily move files locally, most FTP programs will work for you. Search online for one that works for you.
Instead of FTP, which can make your server log-in information easily visible, I suggest you use Cyberduck for OS X and WinSCP for Windows so that the same information is more secure while being sent to your server.
To use SCP you need to enable SSH login on your server. And while you’re at it you should disable FTP.
Your theme should be write-protected
It looks as if there is an exploit circulating that alters existing WordPress themes and adds links to spam or even pernicious iframes. There is a way around this: just change any permission files on your WordPress themes folder to 755 and all files within that folder to 644. The only downside is the fact that whenever you want to make any theme changes, you’ll have to send any such file to your web server via file transfer protocol.
Most plugins write their data to the directory where they are installed. This makes write protection of the plugins directories impossible.
Look at the HTML code of your web site regularly
You should view the HTML source of your web site often. If you find chunks of encrypted JavaScript, embedded IFRAMEs or hidden links to sites you don’t know, then your blog may have been compromised. The reason to do this often is so that you can discover any issues before Google does and blacklists you, or any of your readers get infected by malicious software distributed by your site.
Read more of Nick Dalton’s WordPress security articles on his blog for Internet business owners and bloggers at TipsTricksToolsTechniques.com.
- Nick Dalton
Tags:
account,
art,
article,
articles,
blog,
busines,
Business,
form,
google,
host,
hosting,
information,
Internet,
Internet,
internet business,
JavaScript,
Links,
Online,
pr,
search,
security,
security tips,
server,
site,
software,
Source,
web,
WordPress,
wordpress blog,
wordpress themes,
www
Related posts
- Tips on Web Hosting
A website can be created with a variety of purposes but the basic idea is to share information, news, views and thoughts. Small businesses know the importance of web hosting services and that value can be measured in profits - to the tune of billions of dollars. Web hosting enables you to get your small business known to the world. With a properly hosted website you can popularize your company and brand across the globe, especially to the target audiences who cannot be informed otherwise. To experience the benefits of creating websites, one needs to be careful while selecting a web host for an ecommerce website. Finding the best web hosting is often difficult and demands a lot of study and research work. When you look for information on web hosts, over the internet, several results come up. But the question is who these hosts are? Are they reliable? Can they provide you all sorts of benefits that are required? It is very essential to get answers to these questions before venturing for any web hosting service.
- How to Get a Free Domain Name
Online business costs are escalating rapidly. There are several types of fees included in an online business such as domain registration fees, web design fees, monthly hosting fees, and email hosting fees etc. Though the domain name registration fees do not involve a huge amount, it is a recurring annual cost. Moreover, the larger business organizations often require to register for multiple domain names. Therefore getting a free domain name registration from the web hosting company is a helpful and convenient way to cut off the bills up to an extent. These kinds of domain names serve the purpose of declaring the web presence of an online or real world business without paying the cost of domain registration fees. However, this includes a thorough knowledge about the facts and figures to get free domain name.
- What is Free Web Hosting?
Many times small businesses wishing to gain exposure online have a limited budget. They seek out services that offer free hosting services to ease their expenses. This is usually true for companies wanting to try an online business for the first time. This type of web hosting is offered by various companies to help small business get started. The whole idea behind free web host services is simple: the web host allows for free service for a small business in order to put a website online. In order to do this the host company puts ads on the client's website so that they can get some return for the space given. This type of free service is supported entirely by the web host's advertisements and comes with some limitations.
- Secure Your Blog From Threats With These Four Security Tips
Online forums have been swamped with stories of blogs being broken into and then blocked by Google for spreading badware. You should always adhere to these WordPress security tips to avoid your blog being hacked and having to face that kind of situation.
Stay current with the latest secure version
The latest WordPress version, 2.3.3, is the [...]
- How to Host Your Own Blog
There is no doubt that blogs or weblogs are the in thing at the moment. A blog is the equivalent of a diary that is published on the internet and it allows the blogger to regularly post about their thoughts, feelings, musing and opinions that they want the world to know about. These posts are meant to be truthful expressions and something that people want to share with the world at large. A blog can be about any topic at all and it doesn't have to just use words, it can use images or video clips too.
Tags: account, art, article, articles, blog, busines, Business, form, google, host, hosting, information, Internet, internet business, JavaScript, Links, Online, pr, search, security, security tips, server, site, software, Source, web, WordPress, wordpress blog, wordpress themes, www
This entry was posted
on Monday, March 3rd, 2008 at 5:03 pm and is filed under Internet.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
