Today I read a tweet about someone’s domain name service and site getting hacked. This is a painful thing to go through and I would like to encourage all the WordPress folks out there with a self-hosted site to take responsibility for your site’s security. An attack can cost you time, money and embarrassment, so wake up and tighten up your blog! Do yourself a favor and research blog security and use some common sense to protect your site and your business. At the very least get these plugins and tools in place:
- Backups – you must backup your site on a regular basis. No backup, no restore, no business.
- Update to the latest version of WordPress! But only after taking care of Number 1!
- Askimet – great free anti-spam tool from Matt and the Automattic folks.
- Firewall – research and pick one. Set the firewall to email you with alerts
- Antivirus – reasarch and pick one. The growth rate of malware is off the charts.
- Security Scanner – find a plugin to do an analysis of your blog and follow its recommendations.
- Password protection – use strong passwords, at least 8 characters, numbers and special characters.
- Logs – check your logs in your cPanel for signs of the bad guys poking around.
- Admin User – create a replacement user with admin rights and delete the “admin” user – why give them half of your login?
- Password Attempt locking tools – research and pick one.
There are plenty more ways to lock down and protect your site. This list is to get you thinking. Is there anyone out there with more suggestions? What is working for you?