6 Tips to Protect Your Blog From Being Hacked

No one likes it when things go bad. Especially not when you have put in years of efforts and it all goes to waste.

It happened to me, it was 2 years ago when one of my top earning blog was hacked and my lack of knowledge about how to secure your blog cost me 1 years of blog work.

With my heart filled with pain having to loose the blog, readers and reputation I built, I closed down my blog. I did not let that keep me down, I started another blog, afraid of being hacked if I used the same blog.

This time I wanted to make sure that I never lose any of my blog work or let my efforts go in vain. I learned everything that I could about blog security.

I am prepared now, if you have a hacked websites,you have all the resources to Secure Your Blog get the site up and running in no time. While I take all these efforts to protect my blog and the efforts I’ve put into it, there are hackers out there still trying to destroy blogs all around the world.

Blogs both big and small are hacked all around the world, they spare no one. From my experience, its better to stay safe than sorry.

When top sites and business are being affected, Zappos Hacked, Facebook Hacked, I think you need to secure your blog as well.

Here are some tips to follow if you WordPress blog is hacked and Secure Your Blog

  • Take the blog offline immediately– The best way to do this is to rename your index.php file in the root directory.
  • Remove free themes – Most free theme have poor security built into them and are an easy means for hackers to add malicious script and code into your blog.
  • Remove all plugins – Most free plugins also have poor security built into them and can be an easy means for hackers to add malicious script and code into your blog.
  • Re-install WordPress – This would clean up any virus or malicious scripts that might be sitting within your CMS.
  • Review your Database – Reviewing your database can help you figure out if there are any malicious scripts or codes on your server. At times there are codes or viruses that are loaded right from your database and can be hard to identify.

Monitor for Attacks or Threats

It was not until my blog was hacked that I realized that I need to monitor my blog for strange activities. If your running your blog on WordPress, then How Secure Is WordPress blog? its most probably being hacked everyday, just that they are not successful at it.

While researching about a particular malware that had affected my blog, I came across a neat online service that solved all my problems in terms of blog security.

Its called sucuri.net.

Sucuri is web monitoring and malware clean up service. At the time my blog was hacked, it was a cost effective solution for me. The services and the features that they offer are good to Secure Blog Sites. With that said, they also let you to do a free scan on their website.

Monitoring my blog for attacks let me understand how many people are trying to access my blog from around the globe and take it down.

BackUp your Blog Regularly

This is one of the most important things that I failed to do while I was running my blog two years ago.

I lost all my content and hard work because I did not back up my blog. I was networking hard and having engaging conversations on this blog.

At one point I even had Darren Rowse leave a comment, which was super awesome.

As for the back up part, you can do this in two ways.

  • Your hosting provider can provide you with a back up of all your server content. I’ve always found this quite hard to understand and maintain. I guess this goes for all those not so techie people.
  • I now use an awesome plugin called the BackupBuddy. What BackupBuddy does is back up your entire WordPress installation. Widgets, themes, plugins, files and SQL database – the entire package!

Just like your laptop or desktop computer, you should be doing regular backups of your website.

With BackupBuddy you can schedule backups and have them sent off-site to Dropbox, Amazon S3, Rackspace Cloud, an FTP server, or your email. Or download them right to your desktop.

You can check out the plugin here!

Tips To Backup Your WordPress Blog To Dropbox

In an earlier articles I talked about 6 Ways To Secure Your Blog And Your Hard Work.

With a new start up every day, there are more and more options made available for bloggers and small businesses.

Today, you can back up your data to various cloud systems, depending on which one you are using.

This post will help you understand how to back up your blog to Dropbox.

The simplest way to backup data to Dropbox is using a plugin called wpTimeMachine.

This simple WordPress plugin backup’s your entire WordPress blog/website to your Dropbox account. All you need to do is make a few configuration changes via the WordPress Plugin.

The plugin is designed to allow automatic backup of your WordPress database, themes, plug-ins and all the other files and images that you may uploaded to your WordPress folder.

After you install the WordPress plugin, update your Dropbox credentials and hit the Generate Archive button.

The archive process would begin immediately and should be complete in no time (depending on the size of your blog) you should see the backups in your Dropbox folder.

The plug-in can be configured to trigger backups as soon as you publish a new post.

The plugin is equipped with features that would allow you to setup a cron job to backup your WordPress site at scheduled time automatically.

Points to note

You may have uploading issues if the wp-content folder is too large because the Dropbox API won’t accept files that are larger than 300MB.

If you backup data too often you might put too pressure on your server allowing it to crash or even increase your hosting costs due to utilization of resources.

If this is something that you already follow, share some of your tips and suggestions in the comments.

Keep your PC Clean

Its not all about the website/blog being clean. You need to keep your PC clean as well.

Nowadays, there are phishing sites that store malware in the form of cookies onto your PC. These malwares are hard to detect with free antivirus software.

Scanning your PC regularly for viruses and using a powerful antivirus software can help you to keep both your PC and its content clean and also your blog.

Stay Away From Sites That Store Pirated Content

From my experience, I learned that most sites that host copyrighted material have some sort of phishing or malicious codes that install on your PC.

It was when I was searching for a movie trailer, that I got to a blog that actually had the entire movie hosted. Not realizing that it was not a trailer but the entire movie, I began playing the video.

It was only a matter of time when my PC crashed. By the time I got my PC back up and running, the malicious code had already been installed and accessed the cookies files and passwords and had loaded the malicious codes on to my blog.

This was quite easy for the script to infect my blog as I was logged into my blog working on approving a few comments I had the day before.

Subscribe to Antivirus and Malware Update Newsletters

The best way to stay ahead of the various malware and online virus attacks is to subscribe to newsletters from Norton, or the antivirus service provider of your choice.

Most antivirus product companies stay ahead of viruses to ensure that everyone’s PC is clean and safe.

There are weekly and monthly newsletters that will tell you about the various virus attacks that are going around and how they go about affecting PC or websites.

Hosting Security

One the main reasons that blogs and websites are hacked around the world is because, some of the cheap hosts have poor security measures.

I use SiteGround right now, even though they offer different types of hosting. Their security levels are quite high and this prevents most virus attacks.

However, many hosting providers don’t really offer you any sort of clean up or monitoring service. If they did, they are sure to charge you extra.

If you liked the tips to Secure Your Blog. You can show your appreciation by leaving a comment or sharing this post on Facebook, Twitter and Google Plus.

4 Comments

  1. sherman smith Reply

    Hey Eddie,

    I know this quite too well. The only difference is that I didnt’ lose my site or data, but I had a lot of malware. But it’s funny how much you learn about how to protect your blog after the fact.

    Like you I use Sucuri and have been using them for almost a year and a half. Before I was just using my host’s sucurity service which didn’t help too much. They told me that they made some renovations but by that time I had been using Sucuriy for a few months.

    But these are some great tips. Especially for backup up all the data of your blog. I work in IT and I always tell the users to make sure they back up their info. to their personal drive. A lot of them didn’t listen, but the ones that did had a lost their data due to a virus. It definitely wasn’t fun for them 😉

    Thanks for sharing these great tips Eddie. You have a great rest of the week!

    • Sherman, having your blog infected with malware is the worst that can happen to a blogger other than the Google algo updates. We all hope and wish that everything works fine, but from time to time we miss out on simple things and it costs our blog and all our efforts to help others and make money in the process.

  2. Hii Dear, could you tell me what can I do for blogger site? You mentioned about all the plugins compatible with wordpress,but what about blogger? Yeah I do back up my template and data more often, any security advice on this??

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Navigate