I’m sure most of you think: “Why would anyone want to attack my blog? There’s little to no traffic, I don’t have any enemies, and my content is not about controversial topics that would make someone lash out on me.”
But the truth is, in most cases, hackers don’t target one site in particular, but brute-force -attack many attempting to access those that are not protected. It makes no difference whose site that is, just that it’s theirs now. And once they are in, they can publish illegal content or spam through your blog, set up phishing websites, distribute malware, use your server in a denial of service attack, etc.
This can not only damage your ranking with Google, but if you get involved in a criminal activity (copyright infringing material or even child pornography) the problems can become much worse. I’m sure that’s not in your blog’s plans and goals list.
Following are few steps to take to ensure your blog is secure from hacker attacks. However, bear in mind that no website is 100% protected. A hacker with enough skills can hack absolutely any website. But since no hacker would be aiming you directly but targeting the low-hanging fruit, the unprotected sites, by securing your blog you are out of the list.
Use two-factor authentication. It’s a two-stage verification process, meaning you need a password and a code from a text message, or phone app for example, to be able to log into your account. WordPress provides this security feature for its users, as well as Google, Facebook and Twitter (watch their video – ‘Help us help you’)
Make sure your username and password are both strong. This is universal rule; it applies to every service. It should not be easy for a person or computer to guess and crack your username and password, and you must use different username/password combinations for different services.
Click for more in our post with security tips for WordPress bloggers.
Don’t enter your password just anywhere. Never click an email link or instant message and enter your password. Phishing attacks are quite common and can cause great damage. Check if the site is HTTP secure (starts with https://) and only provide your password if you’ve typed or selected the URL yourself.
Be careful with your answers to offered security questions. Select those that no one else knows the answer to. And ensure it’s not information people can google about you.
If you need to, you can also lie in your answer. It makes no difference if you are certain that you’ll remember what you’ve entered. Security questions and answers are very important because others can use them to reset your passwords and block you from access.
Only connect your site and related accounts with apps, plugins and tools you trust. Regularly update the ones you use, and disable and remove the plugins that you don’t use. Be careful who you give access to your valuable data.
Do you play safe on the Internet? Share your favorite security plugins and tools in the comments below…
Also check my tips to back up your blog data.