Comments on: Guarding Your Wordpress Blog

By: r3ck0rd

r3ck0rd — Mon, 07 Jul 2008 15:44:45 +0000

funny, now webappsec recommends me of WordPress because its security.

By: jordan fusion

jordan fusion — Sat, 05 Jul 2008 03:56:24 +0000

There’s always been a fine line between white hat and black hat seo techniques. It’s getting harder and harder to get listed on SE’s, so some are taking to hacking. It’s too profitable of a business to let it go.

By: Zak Nicola

Zak Nicola — Wed, 18 Jun 2008 00:04:45 +0000

Thanks for the reply and info Barry.

By: Broker

Broker — Mon, 09 Jun 2008 15:15:51 +0000

One of the easiest ways for hackers to get in is if you use a username and password that are related to your theme, my advice is to make all security related keys to be very different to the theme of your blog and to include random numbers.

By: ildvr

ildvr — Sat, 31 May 2008 14:47:19 +0000

security is a reason why people leave WP.

By: Barry Welford

Barry Welford — Wed, 30 Apr 2008 13:27:12 +0000

That’s really tough, Thomas. Backing up is so easy with the right plugin. You can back up after every post or once a week and it takes very little time. I hope you can somehow get back what you lost, although you then have some work to do however convenient your backup is. It’s tragic that such things happen.

By: thomas

thomas — Wed, 30 Apr 2008 09:41:42 +0000

I was hacked last week - grrr….My all data has been lost…forever :/

By: Barry Welford

Barry Welford — Thu, 28 Feb 2008 02:31:05 +0000

You’re right, Denis. I think so many people just do not realize the risks they may be running. It’s certainly wise to do periodic backups of websites and databases just in case.

By: M-D Doyle

M-D Doyle — Thu, 28 Feb 2008 01:37:46 +0000

I find the subject of Hacking fascinating in the sense that my team and I learn about security and programming by reviewing how hacks are done.

There is a certain irony in the fact that these hackers are using SEO techniques for their own ends. As stated in another post, setting up a blog in relatively easy and inexpensive but these “qualities” also part of problem. While the development team working on WP is doing a fantastic job, many of the features asked by users can be security risks. Hosting is relatively cheap, knowing how some ISP operate, I’m amazed that there are not more hacks. While modifying .httacces can reduce potential hacks, not everyone is hosted on Linux, so it’s only partially applicable.

While it’s great to have Open Source software and cheap hosting, the ubiquitousness and ease of setup are part of the problem.

By: Barry Welford

Barry Welford — Wed, 20 Feb 2008 04:18:52 +0000

Thank you, Gab. In fact I kept the best till the last one: this is only the middle one of the series. I’ll look into what happened to Lyndon Antcliff. This is all a very unfortunate learning experience. I’m intrigued what Google is doing about this, if anything. I did inform them very early on about what was happening but I’ve not even had an acknowledgement of my message to them.

By: Gab "SEO ROI" Goldenberg

Gab "SEO ROI" Goldenberg — Wed, 20 Feb 2008 03:54:51 +0000

Barry, this and the other posts in this series are really awesome. I wish I’d seen this earlier, as I might have been able to help it go hot on Sphinn :(. Let me know next time you post a gem like this, will you?

Incidentally, did you see that Lyndon Antcliff’s got cracked?

By: Webomatica

Webomatica — Fri, 08 Feb 2008 22:50:18 +0000

Thanks for the friendly warning and tips. Being hacked is certainly a fear for any blog owner.

By: Tech News

Tech News — Fri, 08 Feb 2008 21:18:38 +0000

Great article! Thanks.

By: Barry Welford

Barry Welford — Fri, 08 Feb 2008 19:30:40 +0000

Thanks for your comments, Brian and Amanda.

Your advice on backups is excellent, Lee. That should be for both the data and for the website structure.

I believe, Zak, that any blog could be hacked, what ever the software used. So with the .com shared version you may run into exactly the same problems. What increases the risk is whether your blog has significant traffic and is visible in the search engines. If so you need to be extremely vigilant.

By: Zak Nicola

Zak Nicola — Fri, 08 Feb 2008 17:38:14 +0000

Is this a problem with the .com shared version.

By: Lee

Lee — Fri, 08 Feb 2008 17:22:35 +0000

Thank you for the mention. Really appreciate it. Sorry to hear about your blog getting hacked. It can happen to anyone, even if you do try your hardest to keep them out. If you can try to keep a recent backup. That can get you back to normal pretty quick.

Thanks again for the link.

By: Amanda

Amanda — Fri, 08 Feb 2008 15:23:48 +0000

I agree with Brian. Often we spend so much time & effort building a site, we neglect ways to keep it secure. Great advice.

By: Brian

Brian — Fri, 08 Feb 2008 03:20:11 +0000

Thanks Barry. Good post. Something everyone probably needs to do if they are spending the many many hours to create a great site in the first place.