Security again… sigh.
I am trying to figure out how to IP deny certain IP addresses from visiting (read: hacking) my blog as a bit of preventive security. I spent a couple hours yesterday cutting and pasting IP addresses from my cPanel stat files into an Excel spreadsheet so I could easily cut and paste individual IP addresses (from .ru and .vt) into the IP Deny Manager under the Security section of cPanel. Easy enough, right?
No, I know. For most people this is total gibberish. And this is just what hackers count on.
WordPress is the most hacked blogging platform on the inter-webs-cyber-grid-o-rama. Why? Because next to Tumblr, WordPress is the most popular blogging platform. It only makes sense that villains would target the biggest market.
I will eventually move off of WordPress to a more secure platform, but I know that no platform is completely secure. Might I add that this is especially true now that we know that NSA is building and requiring backdoors into everything. Sigh again.
There are some things you must do right now to secure your WordPress site if you have not done so already.
- Go to Sucuri and scan your site(s).
- Change the passwords you use to log into your blogging dashboard and the cPanel on your hosting account.
- Install the Akismet plugin. Do this from your blog’s dashboard. It is about halfway or so down the left side column. Pay them something, even a couple bucks, even though you can get it for free.
- At the very top of that same left column, click on Dashboard. You will see “Home” and “Updates” and maybe some other things, depending on what you have installed on your blog. Click on Updates. You will want to install the latest version of WordPress and the latest version of each and every one of your plugins. But BEFORE you click update, do a backup of your blog. How? Simple.
- Go to that left column again. Under the “Tools” section select “Export.” Save the .xml file on your computer. In doubt about what parts to click to save? Just select them all.
- Now you can manually go through and update your version of WordPress and each plugin. Do this immediately any time an update becomes available. You should always have the latest version of any and all software. Yes, you will have to check for updates a couple times a week by going to the “Updates” section of your dashboard.
There is much more you can do, but that is enough for today. I will cover some other simple things you should be doing to keep your site safe in other posts later this week.
G’luck.
Beth
I don’t use WordPress, but thanks for all the good info. Great to know in case I ever switch over.
Nancy Hill
It is always good to know what’s out there. Thanks for stopping by.
StacieinAtlanta
I have the paid Sucuri plugin for my blog and it is the best money I ever spent. Even cuts down on Spam comments!
Nancy Hill
I’ve “attended” their webinars, and the info is always useful, solves a problem or three, and understandable. Glad to know others find them to be good. Thanks for sharing!
normallyoriginal
woah, I’m still diving into blogging, but man! I will have to put this on my research list!
Nancy Hill
It is always good to be informed!
Ashley S
I always back up!!! Even when I’m not updating.
Nancy Hill
Smart woman!
Teresa
I was seriously thinking of switching to WordPress, and I was aware of some problems, but not this in particular. Now I have something else to think about. Thanks for sharing this info.
Nancy Hill
Like we all need more on our plates, I know. Research is needed.
Karen Hewitt
Just another reason not to use WordPress I guess. Thanks for the info
Nancy Hill
Cloud hosting may take some of the problems away that come with any self-hosted sites.
Sandra Tyler
Nancy I knew nothing about any of this! Thank you! I actually printed out the post so I can go through all the steps.
Nancy Hill
Sandra, you have made my day. This is why I do this!
Sandra
Oh, great idea Sandra. I’m going to print this out also. I’ll also tweet and Facebook this. Today I received a bunch of emails stating that:
16 failed login attempts (4 lockout(s)) from IP: 27.55.146.250
Last user attempted: adm
IP was blocked for 24 hours
So I have freaked out and made my password REALLY hard. But now I will go back and review your information. Thank you so much Nancy.
Sandra
Nancy I tried to tweet and Facebook this article but couldn’t. Why?
Nancy Hill
That is a very good question, Sandra! Let me check a couple things.
Nancy Hill
I logged out and visited my site as a generic person and both systems of sharing work from my computer. The ones at the top should give you a talk bubble when you hover that you can then click. Were you using top, bottom, or side share buttons?