Security of a blog is the major component of blog management. By securing your blog, you mean that your blog is safe from intrusion by hackers and other badmen who want to intrude into your blog and put some malicious content on your Blog.
Security should be the major cause of concern for the blog owners who run a blog that recieves a good traffic and is popular, because such sites have more chances to be targeted.
Here are some basic things to be done to protect your WP powered blog:
- Check if your WP is of the latest released version. Always upgrade to the latest version available, as the new releases are more secure and bug-fixed.
- Choose a secure password, using atleast one special character and/or numbers.
- Assign only the required File Permission for any file, not more than the required FP. More details on FPs can be found here.
- And lastly, implement some Security Plugins on your Blog.
Security Plugins help you to secure your blog. I’ll be introducing you to some of the most useful and affective plugins:
It acts like a Firewall for your blog. It blocks the most obvious attacks. WP Firewall can block directory traversals, SQL queries, WordPress specific terms, field truncation attacks, leading in application parameters. It can also block the uploads of executable files such as .exe, .php, etc.
It records the IP Address and Timestap of the failed login attempts. If more than 3 failed login attempts are done within 5 minutes from the same IP, then the login function is disabled for all requests from that IP Address. This helps to overcome Bruteforce attacks.
WPIDS (WordPress Intruder Detection System)
It is the WP version of the PHPIDS. It blocks all the malicious code that is used to attack your blog like SQL Injection/XSS/CSRF, etc…
It scans your WP for vulnerabilities and gives suggestions to correct the vulnerabilities. It also offers to change the table prefix (wp_) easily to some other prefix.
This plugin protects your whole wp-admin with a password. This helps to prevent unskilled, newbie hackers from attacking your blog with some special vulnerabilities.
Hello Satish,
Really nice n handy tips, I had already installed wp security scan… Should I also go for d rest plugins mentioned above ???