Site Security, Again…

There is a security update for self-hosted WordPress sites that you need to install. It is numbered 3.4.1 and it contains security updates.

  • Back up your site.
  • Run the update.
  • Update your BPS Security installation, or update whatever site security softwear you use. You may have to create new, updated .hta accesss files. Then you will have to reactivate the BPS coverage of them.
Security updates are critical to your site’s ssmooth functioning. There are times when I sigh and remember the days of using Google’s Blogspot hosting. I decided I just couldn’t risk the continued control of my site by some other entity. I loved the ease of site design , the no-cost option, and not having to deal with spam. BUT I worried about the option Google could exercise to take my site down with no warning to me. Is that ever worth? Unless I backed up constantly to some external site or drive, the answer for me was a resounding, “No.”

I have invested too much of my soul into my writing to risk losing all those captured thoughts, or allowing someone else to control them. I also wanted to host my own images for the same reasons.
Wordpress was the logical choice for me. I will admit that at first I did not understand what a huge security risk I was taking with this step. Live and learn. I learned a great deal about the real differences between a url, a domain, a site, a host, the site software, intellectual property, and a huge amount of other information about how I put my thoughts out on the web.
Because I had next to no funds to pay someone else to create and maintain sites for me, when I first started doing this,I learned how to do it myself.
I’m continuing to learn how to do as much as I can for myself. I have played aroud with Drupal CMS (content management system) sites in the past and will eventually use Drupal for some of my sites. But some of my main strengths are my skepticism and my DIY attitude. So I am not apt to give in and 1) believe everything I’m told, and 2) allow anyone else to do for me what I cannot do for myself.
One of my friends simply delights in telling WordPress users that something like, he says, 87% of WordPress sites are infected with malware. I say, that may be true, but 50% of those sites have taken absolutely no steps toward securing their site.
Get http://www.akismet.com to stop spam comments. Require that people leaving comments prove they are human the first time they leave a comment by having to fill out name and website; this is an option under the discussion settings on your dashboard.

And MOST IMPORTANTLY of all, make sure that your cpanel settings, through which you access your hosting services, have anonymous ftp disabled. You do not want to allow anonymous access through which someone could upload files, malware, and all sorts of nefarious software onto your server. Seriously, if you don’t know how to do this, or how to find out whether it is enabled, talk to your hosting company or the person or company you use to maintain your WordPress site and make sure anonymous ftp access to your server is disabled.
Don’t be freaked out, just start doing and eventually it all falls into place.


Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge

This site uses Akismet to reduce spam. Learn how your comment data is processed.