Recently one of my client’s blog was hacked. When you went to his blog there was a giant picture of the Kremlin with a Czar with big red eyes staring at you. The title of the blog was HACKED BY LEONID, THE RUSSIAN HACKER. Thankfully LEONID was a kind hacker and he only replaced the index page of the site and changed the title. He could have done so much more to destroy the site.
The reason the site was hacked is because my client didn’t want understand the need to install security updates. He was running an outdated version of WordPress which had some security holes but he didn’t understand how important it is to install security updates when they’re released. Also he never backed up his blog so he could have potentially lost all of his blog history but Leonid was kind this time.
How can you protect your blog from Leonid and other hackers? Unfortunately, there are thousands of hackers constantly looking for security holes on the internet. Most of these hackers are teenagers playing around and they intend no harm. They just want to see if they can break into your website or blog. Most will do nothing once they break in, some will make some small changes like Leonid did, and some will plant viral code on your website or blog that will turn your website into a data collection server or an email forwarding server. This is how many email spammers relay their messages through hundreds of web servers so they can’t be traced.
Take a moment and search Google for phrases like "password cracker" and "how do I hack a website" and look at the results. You can learn how to break into literally anything by doing a simple Google search. How scary is that?
So how to you protect your website and blog from the hackers?
1. Keep up with your security updates. Install them immediately when they’re released.
2. Change your passwords regularly and don’t share your passwords with others
3. Don’t use obvious usernames like admin, administrator, sysadmin for your account names
4. Back up your website and blog at least once a week. Do it more often if you are adding a lot of content to the website or blog. Back up the website code and also back up the website database if you’re using one.
5. Search Google for guides that will teach you how to protect your website and blog. Here are some great examples of tge free information available on the internet.
Recommended file permissions for WordPress blogs
6. Subscribe to updates from reliable sources like www.blogsecurity.net
7. Work closely with your webmaster and webhosting company. Your webhost should be installing security updates to the server operating system on a regular basis. IF they aren’t you need to find a webhost that takes security seriously. Many small webhosting companies do not keep their server operating systems updated. Your webmaster should also be aware of security vulnerabilities with your website or blog.
To most people, finding time to post to their blog on a regular basis is a challenge. Finding enough time to keep up to date on the latest security vulnerabilities and installing the numerous updates is out of the question. It’s a full time job researching and installing updates for your website and blog and you’re better off focusing your time on building your business and doing what you do best.
Personally, I love playing with technology and enjoy keeping sites secure (can you spell NERD!) If you don’t have time to keep you website and blog secure and backed up or you just don’t want to deal with the hassle CLICK HERE to learn how to keep your website and blog safe and secure.
Ted Prodromou is an online marketing and search engine optimization (SEO) consultant who has been working with the internet since 1991, long before Al Gore invented it.