DISQUS

BPWrap : How Wordpress Blogs Are Hacked | BPWrap

  • Wayne Liew · 1 year ago
    First of all, thanks for the link.

    I guess one should always have their blogs backed up. At least even if a hacker is smart enough to break though every barrier that we have set up, we still have something to fall back onto.
  • Barry Welford · 1 year ago
    Thanks for stopping by, Wayne. I would suggest doing a backup just before the weekend: that's a time of higher risk.
  • Diane Vigil · 1 year ago
    Excellent post, Barry.

    Your caution about having backups is important; without backups, you're open to all kinds of things happening, including simple error. That would include backing up your database on an ongoing basis, as some hacks may insert stuff in the database.

    I also think that, if your WordPress blog gets hacked, it's vital to look into *how* it got hacked so that you can plug the hole.
  • Barry Welford · 1 year ago
    Thanks, Diane. Your two points re database back-up and finding the hole are very sound advice. The latter is sometimes not easy unfortunately.
  • DianeV · 1 year ago
    I agree, Barry.

    I looked through some of the examples at the links you provided. I think one thing that can be helpful is that, if you don't need for people to register, to simple put a password on the wp-admin folder. At least, that's one thing out of the way.
  • Barry Welford · 1 year ago
    I guess an alternative way, Diane, is to allow access only to IPs that you control. I'm not sure whether that blocks people registering.
  • Lynne Foster · 1 year ago
    Some excellent tips there - thanks!
  • Barry Welford · 1 year ago
    Thank you, Lynne. I think they are just the essential 'house maintenance' that we must all get involved with for peace of mind.
  • XStrafer's WebPlace · 1 year ago
    great ideas! thanks a lot for a good article
  • Joshton · 1 year ago
    I think the best way for hackers to hack wordpress is through some sort of injection through the browser URL bar. Before the recent upgrades, XSS (cross ssite scripting) were the most common, especially through the editor.
  • Web Design Philippines · 1 year ago
    They said, some plugins that you install in wordpress can hack you? Is that true?
  • Barry Welford · 1 year ago
    There is always the possibility that a plugin has not been made as securely as it should. It's important to stay aware of developer comments about plugins and watch out for security loopholes. Normally the most popular ones should not give problems.
  • r3ck0rd · 1 year ago
    I don't know if "spamming" considered as hacking.
    I would recommend Yawasp against spamming by the way. <span style="font-size:x-small;">(Admin note: Yawasp is in German.)</span>
  • Web Hosting Hints · 1 year ago
    Wow, what a revelation. I was still using blogger for my blogs. I was searching for info. on wordpress. I want to get into it. After reading this, I'm a little bit more cautious.
  • Barry Welford · 1 year ago
    I would still strongly recommend using WordPress rather than Blogger. What you gain with functionality and SEO far outweighs the small amount of effort required to maintain a high security level.