As most of you know, I offer WordPress consulting/tech help to other bloggers and online business owners. Well one of my client’s website recently got hacked. :( The hacker slipped in through an outdated theme on a site that is not being used anymore. But she has other sites on the same web host so naturally all of her other sites were effected too. This client has 20+ websites and two weeks later we are still cleaning up the mess.
I’m no web security expert so my client brought in Regina from WP Security Lock. I have learned a lot just from watching her work. :) If you want to learn more about WordPress security, she is lady to learn it from.
I’v been hacked in the past, but it was nothing like this. I don’t want what happened to my client to happen to me or to any other blogger. It is not fun. So here are some tips to stay proactive in your blog security.
- [pullquote position="right"]Take blog security seriously. Do your homework. Find out what options you have and take the best defensive you can against hackers.[/pullquote]
- Backup your blog regularly. Don’t rely on your web host to back up your site. It is your responsibility to backup your blog. It you do get hacked you can go back to a previous non-hacked version. I use Backup Buddy to back up all of my sites and love it.
- Keep your blog software, theme and plugins up-to-date. In my experience most sites get hacked through outdated software. If a theme or plugin you want to use hasn’t been updated in a while, you probably shouldn’t use it either.
- Remove unused themes and plugins immediately. See above. J
- Remove all sites not currently active. Most web hosts allow you to run multiple sites from one account. If you have a site that you are no longer using but is still active on your host, remove it. Sites that are not active get neglected and not updated regularly.
- Hide everything. You can hide your WordPress login and admin links so that hackers can’t find them. Using the Better WP Security plugin will help with this.
- Subscribe to WP Security Lock Email List. You have to stay on top of what is having in the Internet hacking world. If you are using WordPress, WP Security Lock is a great resource to find more ways to keep your site secure and to get notifications of when new vulnerabilities are found and how to fix them.
I can’t express how important it is to protect your blog. You don’t want all you hard work going down the drain because a hacker got in. There is no way to be 100% hack-proof, but being proactive goes a long way.