The aftermath of the on-going hacks directed at major hosting services continues to cause pain with those trying to clean up and restore their sites. Once again we at WPSecurityLock.com want to stress that these attacks are not limited to any one platform or any one hosting company. We have had reports for not only WordPress installations, but Joomla, Pligg and “Simple Machines Forum” as well.
This afternoon, Go Daddy reached out to us … click here to read more over at WPSecurityLock.
On May 1, 2010, Hosting providers were hacked again with malicious attacks similar to last month containing the kdjkfjskdfjlskdjf dot com code. WPSecurityLock has reported several sites that have been hacked for a second time. The variation appears to be the same script redirecting to different domains.
The recent attacks on self-hosted WordPress blog sites has expanded to the Joomla and Pligg platforms as well as WordPress…. Click over to WPSecurityLock to read the rest of the story
Is Your City In The Top 10?
I read with interest today an article going around (“Norton ranks riskiest cities for cybercrime” by Lance Whitney on CNET news). It is about the Top 50 Cities for cybercrime attacks. Since my town, Atlanta, was number 6, I paid even more attention. I suggest that you read the article and think about your on-line security.
Street crime versus Cybercrime
One of the things that struck me was how cybercrime mirrors crime in the physical world. You may have a Neighborhood Watch on your street, but there aren’t too many equivalents on the Internet. There are great things going on like Project Honeypot. Read about them here to get an idea how a community is working together to fight the hackers. But in general, I believe the casual family users of the Internet have no clue on how risky it is. You must take responsibility and educate your self to the real dangers.
Education – get “street smart”
The anti-virus vendors do a decent job of education, for example, see this article about Symantec laying things out with a mock “hackers” storefront. Perhaps looking a fake hacker tools in nice shrink-wrapped packages will make an impression that the tools are out there and the bad guys are using them to mine your confidential data and send tons of spam. The Microsoft Online Safety site has some user-friendly advice on protecting your family, data and computer.
WordPress Blog Security
If you address in cyberspace is a WordPress self-hosted blog, then this news if for you. Wake up and pay attention! I recently read an article it is not a matter of “if” you will be attacked, but WHEN. My focus is tech support for the Internet Marketer community. My goal is to teach others how to secure their sites and minimize risk. Please read my previous article on blog security to get started.
Take Action Today!
Do your homework and secure your sites. Don’t take for granted your free anti-virus software is going to protect you. Study and learn what you need to do to protect your data – both personal AND business! Let me know what you have learned lately.
Last night was a great experience with a live webinar from WPSecurityLock! The event was “WordPress Security Webinar: Six Things You Need to Know”. It was hosted by Regina Smola.
Some of the folks on the call were new friends from the recent NAMS convention in Atlanta. We were attending the webinar to learn about securing our blogs and sites. From a poll taken during the event more than half of the attendees had been hacked or had some problems with security.
Here is the key thought for you to take away from my lessons learned; If you are are running a self-hosted WordPress installation on a hosting service, you MUST secure your blog!
Here’s my story…
Last evening, while listening to the webinar and taking notes, I decide to try some of the tips “real-time” and ended up with a login page with errors and unable to login to administer the blog! OUCH!!! This happened near the end of the Q and A portion of the webinar, so Regina graciously offered to assist in helping me fix my site. Over the next hour or so, I quickly learned that she is a true expert in WordPress and we uploaded, downloaded, renamed and tweaked in a valiant attempt to get the login page fixed. Bottom line was it was getting to be a long night and we agreed to adjourn until the next day. Regina emailed me some things to try today and I worked through them in a step by step fashion. However, my login page was still busted.
Flash back a couple of days…. I recently installed an anti-virus plugin to test and had received an email warning to check my blog for suspicious activity. Perhaps I should have paid attention. Now on to the good news!
I was able to turn things around this evening using my iPhone! Yes, there’s an app for this too! I was able to use the WordPress app on my iPhone to access my blog and login and change themes. (I was suspicious that the theme I was testing was the culprit). So after changing the theme I was able to login successfully from by browser. I did not realize how happy I would be to see my that familiar WP Dashboard. Hurray!
I cannot express to you how much I appreciate the help and persistent patience from Regina. She is a true professional and has the heart of a teacher. If you need help installing and securing your WordPress blog, do not hesitate to use her expertise.
So learn from my miscues and get serious about your WordPress Blog Security!
What steps are you taking to secure your site?
It’s time to get serious about WordPress Blog Security!
While researching WordPress security issues, I came across WP Security Lock. These folks have dedicated themselves to helping protect the WP community from hacking and making their blogs more secure. Read on to find out why you need to attend the upcoming webinar.
A word to those with self-hosted WordPress blogs
I want you to think about this… Many of us got started in blogging because it is so easy…or so it seems. We went to a domain registration service, we got a domain name. We found a hosting service. We use our cPanel tools and installed WP with one click. After redirecting DNS and thinking we are the geekiest of the geeks, we wrote a couple of posts and we were up and running. So far, so good! Then one day… our site is looking funny, Google reports us as an untrusted site…links to unsavory sites show up. We have been hacked!
Don’t let this happen to you! Get serious about your blog security. Don’t throw away hours of productive time by being careless.
I am taking action. How about you?
Here is something I am doing to learn more about protecting my sites. I am going to attend the upcoming WordPress Security Webinar hosted by WPSecurityLock. I invite you to do the same. Just because the greatest software in blogging is free does not mean there is a cost to maintain your blog. Get serious about security and attend the webinar on February 24th.!
Below is my affiliate link to sign up. Please consider the risk and potential costs of NOT being educated in this area.
Do it! Click on the Webinar below and I’ll join you there!
Today I read a tweet about someone’s domain name service and site getting hacked. This is a painful thing to go through and I would like to encourage all the WordPress folks out there with a self-hosted site to take responsibility for your site’s security. An attack can cost you time, money and embarrassment, so wake up and tighten up your blog! Do yourself a favor and research blog security and use some common sense to protect your site and your business. At the very least get these plugins and tools in place:
- Backups – you must backup your site on a regular basis. No backup, no restore, no business.
- Update to the latest version of WordPress! But only after taking care of Number 1!
- Askimet – great free anti-spam tool from Matt and the Automattic folks.
- Firewall – research and pick one. Set the firewall to email you with alerts
- Antivirus – reasarch and pick one. The growth rate of malware is off the charts.
- Security Scanner – find a plugin to do an analysis of your blog and follow its recommendations.
- Password protection – use strong passwords, at least 8 characters, numbers and special characters.
- Logs – check your logs in your cPanel for signs of the bad guys poking around.
- Admin User – create a replacement user with admin rights and delete the “admin” user – why give them half of your login?
- Password Attempt locking tools – research and pick one.
There are plenty more ways to lock down and protect your site. This list is to get you thinking. Is there anyone out there with more suggestions? What is working for you?
My wife and I recently attended the Network Affiliate Marketers Seminar (NAMS) in Atlanta and had a great time. One of our favorite presentations was by Bob The Teacher Jenkins. Taking his teaching skills and matching them up with top notch web skills and a sound business plan resulted in strong success. As a result, Bob was able to replace a school teacher’s salary with a full time career in Internet marketing.
One of the greatest things about the Internet is all the great resources that are available for free. For example, WordPress is the top blogging software available and there is no cost to install and use it. To easily maintain the quality and control of your WordPress blog, I recommend using a hosting service such as Hostgator and using the CPanel tool within HostGator to manage your sites. Bob has developed a video course “Discover cPanel” that will lead you step-by-step on how to use the CPanel to manage your site and get the most value from your hosting dollars. Bob’s easy teaching style will help you get up and running much more quickly than if you tried to spend the time to learn it on your own. (Of course, if you have never heard of a CPanel, then Bob’s video course is definitely for you!)
So, if you have your domain name registered and have opened an account with your hosting service, go deeper with Bob’s “Discover cPanel” videos and reap the benefits!
After the recent layoffs at my company, one of my friends called and wanted to come by with the book she had written. I was pleasantly surprised! So many of us talk about writing our book but few actually DO IT!. The author came to our weekly meeting and brought a few books to sell and tell us her story. It was very inspiring. Afterwards, I asked is she had a website or blog to promote the book and she did not. So I immediately came up with a list of ideas for her on how to market her book with blogs and social media . I have been studying Internet marketing and Social Media and all my homework paid off in a simple step-by-step plan for someone new to web marketing. This article is the result of that conversation.