WordPress security is an important issue for wordpress bloggers. I maintain a network of about seven blogs, and thank God none have been hacked yet. Last year I installed a blog for a client, and recently she came to me saying that her blog had been hacked.
A hacker had gotten in and embedded some malicious code, so Google blocked it. Now imagine if your blog that you had worked on for months to develop a stream of traffic and revenue got hacked and then banned? Does the thought give your chills? It did for me, so I have taken this as a warning and I’ve done a little bit of research on WordPress security.
Since I am by no means an expert on this topic, I came up with some links to a few good blog posts about blog security that should be helpful to you:
Here are five of the tips that I gleaned from these articles that I plan to implement immediately:
• Always update to the latest version of WP. WordPress developers take security seriously. As new potential security vulnerabilities are discovered they are cleared up in subsequent versions.
• Back up regularly using the WP DB Backup plugin. Set a schedule and stick with it. Otherwise, you may be kissing your hard work goodbye.
• Change your username and password regularly. Don’t use the word ‘password’ for your password. Use a secure password which should be at least 7 digits, not a word in the dictionary or a name, contain numbers and letters and a capital letter.
• Add an index.html file to hide the contents within your directory. Upload to your ‘plugins’ directory to help prevent unwelcome intruders from seeing the plugins you are running. Just open up a Notepad file and save the blank file as index.html.
• Add a security plugin. WP Security Scan is a good one: http://wordpress.org/extend/plugins/wp-security-scan, but there are many others to be found at wordpress.org.
Take a minute and put these security measures in place so that your blog will be secure.
Please share your favorite blog security methods here.