6 Ways to Protect Your Blog from being Hacked

You know how it feels…you’ve been writing a blog post every day for the past 2 years now, and you recently checked your dashboard to see that you already have over 600 posts; 600 posts that took an average of an hour to write, proofread and edit, format with images, and publish and share.

You’ve also noticed that you have a little over 10,000 comments; that’s at least 10,000 minutes of yours and you readers’ time, cumulated over the span of several years.

The above scenario seems cool, until something really strange happened.

You no longer own the 600 posts, and the 10,000 comments, and any other part of your blog. It would have been good news if you just sold your blog for five figures, but in this case, it was stolen from you; yes, a malicious hacker just got into your website, and is ready to rip it apart. As if the pain isn’t enough, the hacker that hijacked your blog will probably redirect your blog to an illegal website, or turn it into a website filled with adult content.

What Are You to Do in a Situation Like this?

Do you just sit down and fold your hands, and believe this is your fate? Or do you get your blog back? Or let’s reexamine the question:

What if you can prevent that from every happening?

What if you can make sure that thousands of you and your readers’ hours won’t be wasted eventually? A lot of us are sad at every instance of a particular website being hacked, when we are really doing nothing to protect ours. Here are 6 ways to protect, and save yourself in the case that hackers are targeting your website.

1. Have Strong Passwords, and Change them Regularly

The first step you should take to protect your blog from being hacked is to have a password that is very strong. You’ll be surprised at how simple the password some people use is, and they end up complaining when they’re hacked.

Make sure your password doesn’t contain your name, address, or even date of birth. Use something nobody can ever associate with you, and don’t ever talk about your password to anybody. Also make sure you change your password regularly; like every 3-6 months, and you will be able to protect yourself from being trailed by a hacker.

2. Have More than One Admin Account

It could be 3 or more, and it could be only two. It is very important not to have just one admin account. The reason for this is that the first thing an hacker will do once they hack your blog is to change your details, and you can protect yourself by taking control through your other admin account.

Another thing you should realize is that this technique is just as dangerous as it is helpful, so make sure you prepare yourself for this; the more admin accounts you have on your blog, the more routes an hacker can take to get to you. To protect yourself from this, make sure the username and passwords for all your admin accounts are so unique and different, so that it will be difficult for any hacker to take control upon getting to your blog.

3. Install Plugin that Monitors Your Files and Notify You of Changes Immediately

You can also tell your hosting to help you configure your server to notify you in case there is any change in any of your files at any time, or you can look for a plugin that makes this easy.

A lot of little changes happen to our blog every day, but the reality is that some of them shouldn’t be. It is important for you to make sure you don’t come to know about any of these changes lately, so make sure you regularly monitor your sever and wordpress installation for any changes.

4. Scan Every Theme and Plugin You Want to Install

This is especially important if you download your themes and plugins from other websites online, or if you’re using cracked plugins and themes. You never know when a sleazy programmer will put a little code in your theme or plugin, or when that cracked software you’re downloading will be virus infected.

Don‘t just wait to get hacked before you realize this, so make sure you scan every theme and plugin you want to install on a regular basis; scan them with your own antivirus before you install them.

5. Back up Your Blog Regularly

Don’t ever miss a day, because you never know when your blog will be hacked. One thing I have noticed in the hacking world is that, no matter how secure, there is nothing that cannot be hacked. Of course, you can invest time and effort into making your blog very secure, and you can even hire an expert to take care of this aspect. But the reality is, if a group of hackers dedicate their efforts to bring down your blog, it will only last a few hours at best.

The best thing to do in a situation like this is to back up your blog regularly. Have at least 2 plugins/software that backs up your entire blog, and make sure you check regularly to ensure your files are properly backed up.

6. Use Different Passwords for Every Aspect of Your Website

For every webmaster you can have up to 3 different username and passwords for your hosting, and these 3 passwords can make it easy for you to recover your website in the case that you’re hacked.

  • The first password is for your hosting account; where you can see tickets, pay for hosting, and change your Cpanel details.
  • The second password is for your Cpanel; where you can access various parts of your website and make changes directly to your blog.
  • The third password is for your wordpress installation in itself; where you can add new posts, reply to comments, create new accounts, and update your blog directly.

The deadliest mistake any blogger can make is to make all 3 passwords the same, and you can protect yourself to an extent by making these passwords different.

You should also make sure all 3 usernames are different, and try getting your web host to help you change your details from the default one to something more secure.

Paul is a freelance writer and broadband expert that help people find satellite TV providers.


14 thoughts on “6 Ways to Protect Your Blog from being Hacked”

  1. Very nice and neat tips indeed. Time to backup all my websites 🙂

  2. David says:

    Hi John, great post on protecting ourselves (as best we can) from being hacked. It’s true that nothing is 100% safe and any of us can be hacked despite the strongest precautions.

    On thing you mentioned about having more than one admin account is something I had not done before. That is a good idea.

    Backups obviously are very important. Restore from a backup and then get in and change the passwords immediately.

    Good point. I hope this never happens… Thanks John!

  3. Ashish says:

    Thanks for sharing this amazing tips on protecting a blog.I like your tip to have more than one Admin account which i have never heard of..

  4. Ehsan says:

    Hello Paul, Thanks for the information. My one old blog got hacked from someone and I didn’t have a backup of that blog with me.

  5. Richard says:

    Hi Paul,

    Great article, I’ve found plugins are usually the way hackers get in and have been very wary of what I install since being hacked a few years ago.

  6. faisal says:

    Use Vaultpress, dont give many admin login, so many valid tips.

  7. Bruce Barker says:

    I am relieved to know that my use of 3 different passwords for hosting, Cpanel and WordPress are recommended and indeed crucial to help prevent hacking. Phew…!

  8. Ashish says:

    Nice tips and would be useful.
    One query: If you have multiple blogs on one server (with multiple WordPress installations), how do you prevent an attacker from getting access to all your blogs from one compromised blog ? So, if you have 5 blogs on one server, and one of them gets compromised through some attack, what are the settings for making sure that the other blogs would not be impacted ?

  9. Edwin says:

    Thanks a lot for this great tips that are very useful to me. I have ever asked myself what to do in case of a hacker tried to attack my blogs. So I appreciate those advices to protect my work.

  10. Max says:

    Simple advice, but often overlooked until it is too late. One other thing I can add, is make a backup of your site that is not housed anywhere on your hosting, I found a small little plugin that can automatically backup your site to Amazon’s S3 service very useful http://wordpress.org/extend/plugins/automatic-wordpress-backup/ and it has saved my bacon when a certain web host managed to lose my site.

    S3 is very cheap, and offers a massive amount of storage, for individual object of up to 5GB in size…

    To find out more and pricing from Amazon check here Simple Storage System

  11. May says:

    I’m trying to subscribe for newsletter and it says I’m not inserting my mail…

    WordPress seems very intersting, nice post!

  12. gekko says:

    Regarding “having more than one admin account”, how this can protect from hackers? If he hacks your account, then he will also have acces to users list right? Ok… and from there to wipe all your users it’s just a small step. Anyway very usefull advices… i already made a back-up of my blog.

  13. Kate says:

    Hacking seems to be getting more and more common and when it happens to you it’s extremely frustrating. We had a site hacked by a drug company with hackers based in India. All of our keywords were suddenly now advertising them in the description. Ugg! Thanks for the great tips!

  14. Great posting as usual …but please usually check the spelling mistakes on your posts because they tend to downgrade the quality of the article. For instance: What Are You to Do in a Situation Like this? instead of What Are You going to Do in a Situation Like this?; What if you can prevent that from every happening? instead of What if you can prevent that from ever happening?

Comments are closed.