Tips for protecting your blog
There's an Open Discussion For Dealing With Site Crackers going on at SEO Scoop wherein Donna asks for methods of protecting sites from hacking. While that's a big topic, I'll bite. If we're talking about blogs:
- Take the "stats" line out of the head area; WordPress needs stats less than you need not to tell anyone what version you're running.
- Password-protect the wp-admin directory (this means you'll have to log in twice to get to the Dashboard)
- Do not require that people register before they post (see above); that's less useful than protecting your admin directory
- Have good passwords, and change them regularly
- Do not leave directories CHMODed to 777. Yes, I know the WordPress internal image uploader is neat, but I put images on my blogs the same way I do them for regular websites: by FTP
- Use good passwords on your hosting account as well, and change them regularly
On your computer, use a *good* anti-virus program (which may not be what came with it). I've visited websites (one from a link in a Sphinn submission) that tried to lay keystroke loggers on my machine. That means they could get login information, among other things.
What's a good anti-virus program? You might be surprised. virus.gr runs comparative tests where they throw a large number of viruses (and other stuff) at anti-virus programs, and rate them. See Comparative tests of antivirus programs.
Heck, while you're at it, get a real firewall (that's hardware, not software) for your computer. And if you're using WiFi, take precautions because you're broadcasting information.
And here's Fighting Blog Hacks: Preventing And Eliminating Intruders, a good, very detailed read.
6 Comments to "Tips for protecting your blog"
Have your say ...
First-time comments will be held for moderation (but comments are appreciated). Otherwise, just be courteous. If your name is a bunch of keywords, your comment will be deleted. Don't post links unless highly pertinent. Posters must be 16 or older.