Recently, there have been many hacking attempts on blogs across the internet. A worm also spread in the past few weeks; it affected WordPress installations by inserting malicious PHP code into the blog header files. Keeping a WordPress blog secure should be a top priority for any webmaster. In this post, we share some security tips so that your WordPress blog is never defaced by the bad guys:
# Block everybody from searching your entire server
A blog sees two kinds of searches: external and internal. External searches bring traffic to a blog from search engines, while internal searches help users find the required content within the blog. In either case, DO NOT use
<?php echo $_SERVER['PHP_SELF']; ?>
in your "search.php". Instead, use:
<?php bloginfo('home'); ?>
# Do not leave your directories open for public browsing
A very large number of WordPress blogs have meta tags enabled that make them prone to hacking attempts. The following tag in your header.php shows the current version of WordPress:
<meta content="WordPress <?php bloginfo('version'); ?>" name="generator" />
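A static check for the two theme patterns discussed above (the echoed `$_SERVER['PHP_SELF']` in search.php and the version-printing meta tag in header.php), as an added example that is not part of the original post. The function names, regexes and sample theme files are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Patterns for the two theme issues named in the post (regexes are this example's own).
CHECKS = {
    # Direct echo/print of $_SERVER['PHP_SELF'], including the <?= short form.
    "php-self-echo": re.compile(
        r"""(?:echo|print|<\?=)\s*\(?\s*\$_SERVER\s*\[\s*['"]PHP_SELF['"]\s*\]""",
        re.IGNORECASE),
    # A <meta> tag that prints bloginfo('version'), i.e. the generator tag.
    "version-meta": re.compile(
        r"""<meta\b[^>]*bloginfo\s*\(\s*['"]version['"]\s*\)""", re.IGNORECASE),
}


def audit_theme(theme_dir):
    """Return sorted (file name, line number, check id) findings for *.php files."""
    findings = []
    for path in Path(theme_dir).rglob("*.php"):
        text = path.read_text(encoding="utf-8", errors="replace")
        for check_id, pattern in CHECKS.items():
            for match in pattern.finditer(text):
                # Convert the match offset into a 1-based line number.
                line_no = text.count("\n", 0, match.start()) + 1
                findings.append((path.name, line_no, check_id))
    return sorted(findings)


def build_sample_theme(root):
    """Write a small constructed theme (sample data, not a real theme) into root."""
    files = {
        "search.php": """<form action="<?php echo $_SERVER['PHP_SELF']; ?>">\n</form>\n""",
        "searchform.php": """<form action="<?php bloginfo('home'); ?>/">\n</form>\n""",
        "header.php": """<head>\n<meta content="WordPress <?php bloginfo('version'); ?>" """
                      """name="generator" />\n</head>\n""",
    }
    for name, body in files.items():
        (Path(root) / name).write_text(body, encoding="utf-8")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_theme(build_sample_theme(tmp)):
            print("%s:%d: %s" % finding)
```

Point `audit_theme` at your active theme directory; the form that uses `bloginfo('home')` is not reported.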
# Take Regular Backups
Backups are the most important thing for anyone. Popular, big websites take complete backups of their databases several times a day. We do not recommend backing up that frequently, but you should take at least a daily backup. To make things easier, you can use the WordPress Database Backup plugin.
# Use SSH/Shell access instead of using FTP
If a hacker launches a sniffing attack on your FTP requests, he can manipulate your files and add spam to your site. Using SSH/shell access is recommended because everything, including file transfers, is encrypted with this method.
# Always have a strong admin password
Last but not least, you should have a very strong admin password that is NOT a dictionary word or phrase. Having a strong password is the easiest defense against being hacked.

I use the plugin wp-login attempt lock, and you can remove the username admin: create a user, grant it admin status and delete admin. That's better.
Thanks for the update.
Nice post.
I will definitely try this one for my blog.