If you blog and you have the slightest chance of your blog becoming popular by any standard, then you need to lock down your site, and you need to do it now before it is too late. There are way too many hackers out there looking for websites to steal to make a quick buck, and your website is at risk. Here are ten ways you can try to protect yourself and your site from being hacked:
1) WP Security Scan
While there are many different plugins and applications that advertise themselves as ways to entirely secure your blog, you should know that many of them don’t live up to expectations or are simply threats in their own right. WP Security Scan is a different endeavor; this popular and effective tool looks through your blog for loopholes and potential breach points, even small ones. It is a great tool for starters and doesn’t cost anything for you to use.
2) Create a Backup
While you never want to find yourself in a situation where you have to use a backup, you will be thankful you have one should a server go down or a hacker attack your blog, forcing you to reload. You will also be clear headed whenever you have to make a security decision to temporarily delete or shut down your site because, with a good backup, you can bring everything back with only a few hours of work. If you are wondering about the best backup options, a password protected flash drive is a great choice as well as an external SSD for a larger amount of content.
3) Keep Personal Information Private
The human element is usually what creates a potential security breach in a blog, and the more that your readers, or hackers posing as readers, know about you, the easier time they will have causing you problems. Unless your personal brand is important to the blog try to remain as private on your website and articles as you possibly can. Use a pseudonym and change identifying details in your posts should you feel the need or think that people might be finding out too much.
4) Protect Your Email
Your email is the gateway to your blog, and it needs every bit of protection as your blog. If a hacker gets into it, they can likely get ahold of your blog account as well as other accounts that could lead to things such as identity theft. Give the security information to no one, and refrain from using it for risky enterprises.You may also wish to simply get another email address for you to use for your blog and your blog-related communications, so that you can divide your risks.
5) Lock Down Your Devices
Just as your email has access to your blog and other accounts, your devices are most likely logged in into your blog right now or will automatically log in when opening the webpage. This is a massive and obvious securit y risk. While it is inefficient to log out every time on your own devices, you should take great care to increase the physical security on those devices. Do not let them out of your sight, and do not let anyone else touch them, even if they are an unwitting friend. The security of your blog matters too much.
6) Avoid Public Networks
If there is anything that you should know about public networks, it is that they are dangerous for you and your blog. The problem is that most are insecure, and without protection, hackers (who don’t need to be skilled at all) can use a simple device to intercept your information (including your passwords) and use it against you to hack your blog or other accounts. If you are going to be blogging at the café or in another public setting, stay offline or find protection.
7) Use a Virtual Private Network
Related to the threats that a public network poses, a Virtual Private Network is one of the best ways to protect yourself and your privacy from cyber criminal threats and online surveillance. What it does is connect your device to an offsite secure server using an encrypted connection that will protect you. This allows you to hide your IP address to maintain your privacy and use any network that you wish safely, protecting sensitive information about your blog.
There are a lot of VPNs out there for you to pick from however, so Secure Thoughts has compiled a collection of reviews for you to take a look at.
8) Randomly Generate Your Passwords
Regardless of whatever you do to create your passwords, you need to keep them extremely strong and change them every couple of months to keep people guessing. One excellent option is to use a random password generator online as pictured below to create the passwords for all of your important accounts. That way no one will be able to guess what you created, and the only feasible way would be to force the password (which isn’t all that feasible at all).
9) Prevent Directory Browsing
If you have directory browsing enabled, hackers can go online and, by combing through that directory, see if you have any security holes or files with security holes on your website. You do not want to allow hackers to see your vulnerabilities and regular viewers will still be able to see your wonderful content, so it is best to turn this setting off. To do so on WordPress, you need to add “Options – Indexes” to the end of the .htaccess file, which you can find in your main WordPress folder.
10) Consider Making it Private
This is likely an unacceptable option to most of you, but some readers might want to consider making their blog private. You will still be able to reach any readers that you value if you invite them, and it is a great option to those who blog for friends/family or an extremely limited clientele. If you want to do so, you can generally find the option in the settings for your blog, regardless of platform. You can also do it at the post level as shown below.
