Security again… sigh.
I am trying to figure out how to ip deny certain ip addresses from visiting (read: hacking) my blog as a bit of preventive security. I spent a couple hours yesterday cutting and pasting ip addresses from my cpanel stat files into an excel spread sheet so I could easily cut and paste individual ip addresses (from .ru and .vt) into the IP Deny Manager under the Security section of cpanel. Easy enough, right?
No, I know. For most people this is total gibberish. And this is just what hackers count on.
WordPress is the most hacked blogging platform on the inter-webs-cyber-grid-o-rama. Why, because next to Tumblr, WordPress is the most popular blogging platform. It only makes sense that villains would target the biggest market.
I will eventually move off of WordPress to a more secure platform, but I know that no platform is completely secure. Might I add that this is especially true now that we know that NSA is building and requiring backdoors into everything. Sigh again.
There are some things you must do right now to secure your WordPress site if you have not done so already.
- Go to Sucuri and scan your site(s).
- Change your passwords to log into your blogging dashboard and your cpanel on your hosting account.
- Install the Akismet plugin. Do this from your blog’s dashboard. It is about half way or so down the left side column. Pay them something, even a couple bucks, even though you can get it for free.
- At the very top of that same left column you can click at the top on Dashboard. You will see “Home” and “Updates” and maybe some other things dependent upon what you have installed on your blog. click on updates. You will want to install the latest version of WordPress and the latest version of each and every one of your plugins. But BEFORE you click update, do a backup of your blog. How? Simple.
- Go to that left column again. Under the “Tools” section select “Export.” Save the .xml file on your computer. In doubt about what parts to click to save? Just select them all.
- Now you can manually go through and update your versioin of WordPress and each Plugin. Do this immediately any time an update becomes available. You should always have the latest version of any and all software. Yes, you will have to check this out a couple times a week by going to the “Updates” section of you dashboard.
There is much more you can do, but that is enough for today. I will cover some other simple things you should be doing to keep you site safe in other posts later this week.