Happy new week my awesome friends, i hope we all enjoyed the weekend. I have a new guest for us today, He will be teaching you how to protect your blog from hacks, viruses and spam and I’m sure we’ll all enjoy what he has to share with us. You will know more about him on the Author Bio below when you finish reading the post. Lets welcome John Gibb……..
Do you think that blogging is all sweet cake and cream? Wait until hackers enter the backdoor of your WordPress blog and steal your files, block your site or even virus your documents. These vermin can put your entire (or parts of your) business at risk.
Can you afford not to protect your site?
Think about it. There are (skilled) people just waiting for the right opportunity to harm your site, steal your data or redirect your traffic to their site.
They can be anywhere… your (envious) friends, online contacts, fans or even your best customers. Your fiercest competitors are usually the ones looking at what you have (the popularity that comes with traffic, social media profiles and Google rankings.)
You have to secure not just your blog, and FTP accounts, but your Facebook, Twitter and all the other social media accounts you use as well. The first step is to create hard to crack passwords, or intruders are just waiting to hack in.
What to do right now before it’s too late
Here are some other quick tips – before I share with you a list of the top anti-virus, anti-hacking and anti-spam WP plugins you should check out/& install on your site…
With each new blog install you can change your WP username from the standard “admin” to something else, a username that is harder to guess or hack like *yournameadmin1, or *admin23yourname, etc.
Remove all plugins and themes which you’re not using.
Update all plugins and themes ASAP to their latest version.
Can this really happen? Can my blog be at risk?
Yes, it happened to Pat Flynn recently who got hit by a DoS attack. His main site went down for a week, which caused an estimate of $12k in lost earnings. It also happened to Theodore who you’ve probably read about before on how he got his hacked site back.
You better learn how to secure your site now and prevent hacks and intruders from ruining your blog or the entire business. If you’re running multiple sites and hosting and all of them are on a single account, I highly recommend you backup your server, and move each site (if it’s big enough in terms of traffic and earnings) to a separate or dedicated host.
How to Protect Your Blog from Hacks
Besides the standard advice I’ve already given you, you need to know about some specific WP plugins that prevent others hacking into your blog.
What I use/used and recommend
(Google search for these names if you cannot directly access the links.)
BAW More Secure Login
This WP authentication plugin adds a new field below the password to improve your site’s security and prevent others logging into your dashboard.
BulletProof Security
It’s a really useful (and somehow comprehensive) plugin which protects your blog from multiple attacks and security threats, including but not limited to Code Injection and SQL Injection hacking attempts, .htaccess security protection, etc.
MHR-Custom-Anti-Copy
If you care about your content and don’t want it being copy-pasted on to other sites, use this plugin. Great choice!
Secure WordPress
This plugin provides basic security checks for securing your WordPress installation. It’s the favorite amongst beginners for its ease of use.
WordPress Firewall 2
This WordPress plugin monitors web requests (to identify) and stop the most obvious attacks.
Warning: installing and activating these plugins alone won’t help much. You’ll need to edit the settings of each individual plugin, right? Some plugins might require different alternatives, as they’re outdated. Due diligence is required…
How to Protect Your Blog from Viruses
What I use/used and recommend
(Google search for these names if you cannot directly access the links.)
Kyplex Anti-Malware Service
Kyplex is a plugin which keeps your blog clean from viruses, malware and phishing kits.
AntiVirus
AntiVirus for WordPress is an easy and safe plugin to protect your blog install against exploits, malware and spam injections.
OSE Firewall™
This is a WordPress Firewall plugin created by Open Source Excellence to help protect your blog against hacking, virus and spam.
Sucuri Security
This plugin checks your site for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden evil code, etc.
How to Protect Your Blog from Spam
Spam commenting is hard to manage, even with the latest and best plugins. It’s usually better to run with multiple plugins rather than one or none. Folks are getting smarter and using automated blog commenting tools (and they can look like real comments) that can easily go past the anti-spam filters.
What I use/used and recommend
(Google search for these names if you cannot directly access the links.)
Anti-spam
Anti-spam plugin blocks spam in comments automatically, invisibly for users and for admins.
SI CAPTCHA Anti-Spam
This plugin prevents spam from automated bots and it adds security.
.Peter’s Custom Anti-Spam
This plugin stops a lot of spambots from polluting your site by making visitors identify a custom word displayed as an image before commenting. It works similarly as the one above.
Block Spam By Math Reloaded
This plugin is known to protect your WordPress and Buddypress login, comments, and new user/new blog signup process against spambots with a simple math question.
How to Protect your blog | Summary
I’ve also been testing out wpmanage.com lately. I’m really impressed with how you can back up your websites, clone them to new domains and do a whole lot more… You can update all of your blogs from one central dashboard and it can make your life a lot easier, especially if you are a mass web builder like me. They also check your blogs for any malicious code that shouldn’t be there.
The vermin online make our jobs as ethical long term bloggers harder, but we can stop them in their tracks by securing our assets from the onset.
If you have any questions about blog hacking or know of other/better plugins, do let me know. I’m eagerly waiting for your comments. Let’s do everything to protect our sites!
Photo Credit:
Oluwaseun Babajide says
Hi John,
We all have to be born ready for hackers, by beefing up security. I know about SI CAPTCHA Anti-Spam, but new to other plugins you have mentioned here. I have to take a proper look at the rest.
Thanks for sharing.
John Gibb says
hi Olu
nice to meet you 🙂
Enjoy the different plugins. I’m sure you’ll find them useful in your blogging venture
By the way, I took a look at your site and I like how you combine different niches like business, work, self help and relationships…. as they tie in quite well together. It looks like you’re on the right track… Congrats!
Oluwaseun Babajide says
Thanks for checking out my blog. I look forward to have you as a guest! Speak soon.
Theodore Nwangene says
Thanks for your contribution Baba.
Harleena Singh says
Hi John, and welcome to Theodore’s blog 🙂
Wow – this is surely a great list of plugins that can protect our blog from spams, hackers, and virus attacks. I never really knew there were SO many!
I do use a few of them, and just like others feel – I too felt that those were enough, but when I had read about Theodore recent problem, I did put up a few more – but I guess it all doesn’t end there and you do need more protection.
I agree, if it can happen to Pat’s site or anyone else who use such plugins, it can happen to anyone – anytime. It’s better to take precaution before than after you are attacked.
I need to bookmark this page and go through each of these plugins that I’m not yet using and see what all to install. Which few would you recommend are a must from the list because too many plugins do make the blog heavy too.
Thanks for sharing. Have a nice week ahead, both of you 🙂
Theodore Nwangene says
Thanks for sharing such an informative post with my readers John,
Really enjoyed the post man.
John Gibb says
hey Harleena,
glad to re-connect with you here… and thank you for your wishes and feedback!
I still don’t think this is a comprehensive list of anti-hacking/blog protection plugins… surely there are multiple other alternative for each category… however, I strove to select the best, and more importantly, what I personally use/used.
You’re right that too many plugins will add a heavy load to the blog… that’s why we have to go with top essentials only, and remove the rest.
Besides, your web host needs to ensure it protects your sites from hacking and intruders and DoS attacks…
Best!
Theodore Nwangene says
Thanks Harleena,
I’m very happy you like the post. Thanks a lot.
Temilola Globalwalyy says
Hey John,
One of the most important part you wrote was to always update every plugin as soon as their latest version is out….
Even if you use all these plugins and most of them are outdated, then you should know you are still exposed to H*ckers..
Thanks for this Great info
John Gibb says
hi Temilola
glad to meet you!
you’re so right… updating the plugins to their latest version is essential, as well as avoiding to run with outdated solutions… I’d say avoid plugins that haven’t been updated in a year or so… that’s why you should be always looking for alternatives.
usually security and SEO related plugins are updated quite often
cheers!
Theodore Nwangene says
Yea my man,
You’re right and i quite agree with you. Thanks
Siegfried says
I prefer Growmap Anti Spambot Plugin that captcha spam protections – much easier and when comes to commenting easy is the right approach
best regards
John Gibb says
hi Siegfried
I simply forgot about that… heard about it before, didn’t use it. It sounds like a good solution. I know Gail from GrowMap. We posted some articles over there last month…
Thank you for your mention. Best!
Theodore Nwangene says
Thanks Siegfried,
I will also check that out.
Babanature says
Hello John, welcome to Theodore’s blog.
Having a blog is like having a child; you pampered her, protect her and even care for her. But if you neglect your blog and focus your thought on other aspect, it’ll definitely affect you and your business.
Many people creates their blog without thinking of the security part of it, like using a unique username, using a lengthy and hard password and security plugins.
I am also trying to protect my account the best way i know how. Thanks for this post and do have a blessed week ahead… 😀
John Gibb says
hey Baba
Thank you!
I like your blogging/child comparison… this shows that having a blog is not easy, and you have to be quite responsible or risk the consequence…
You’re right about the fact that most people use too easy to hack passwords… and not to mention the phishing attacks…the web is a jungle, just like the real world. Protection is a must, period.
Best!
Theodore Nwangene says
Hi Baba,
You’ve made a good point here also, using a unique username and a strong password is also a must. Thanks for coming too
valentine belonwu says
Hi John,
I really appreciate you taking your time to share this post with us especially the plugins. I wonder why these guys are targeting wordpress sites on this hack of a thing.
I also heard of that massive attack recently which even affected some of my friends. I’m very sure that this post will be very helpful in keeping our blog safe from them.
Although, i already know about some of the plugins you mentioned here, while i will have to check out the ones i don’t know yet.
What i will do now is to forward it to my friends, thanks for sharing.
John Gibb says
hello valentine
I think WP sites are easy to hack due to multiple reasons; you can read some above (check previous answers/comments)
1. people use easy to crack passwords/usernames
2. people don’t update plugins/themes/WP to their latest version
3. people use outdated plugins/themes
4. people don’t use anti-hacking plugins
but this is not just about WP… other platforms get hacked too, I would bet on it!
thank you for sharing the love. this post is really helpful and should be shared with others in need.
cheers!
Theodore Nwangene says
Thanks for that wonderful comment of yours Val
Kimsea says
That I am really and familiar with wordpress security and that amazing to hear about his. Thanks for sharing awesome tips.
Theodore Nwangene says
Thanks for the visit Kimsea
Kimsea says
Thanks for response! you done welcome job of blogging
Theodore Nwangene says
Thanks Kimsea
Jennifer Cunningham says
Thanks for the tips on securing my blog. I would hope that diesn’t happen to my site.
Theodore Nwangene says
God forbid Jennifer,
That cannot happen to your site, please ensure you adhere to these security measures that John shared here to ensure that your site is secured. Thanks for coming.
Adrienne says
Hey John,
Funny running into you over here at Theodore’s blog. Great post and one that so many people are probably eager to know with all the recent attacks most blogs have endured.
That is a heck of a list of plug-ins and I have no doubt that they are all good. I’m pretty sure though that you don’t recommended installing them all because I’m sure some overlap each other. Which ones would be your recommendations and feel are the strongest protection?
I have a few as well plus I have my files renamed in my cPanel so I guess I’m doing pretty much all I can do. Nothing is ever 100% secure so I can only continue to have positive thoughts that they’ll just give up on poor little me. So far so good.
Thanks for this awesome jam packed post and you two have a great week.
~Adrienne
John Gibb says
hi Adrienne,
Thank you for the nice feedback
You’ll see me on other blogs as well, quite often! 🙂
My favorite plugins are ALL in the first category, OSE Firewall™ and Sucuri Security for virus protection. And for anti-spam, one is suffice I guess… whatever you like.
I see your blog is growing… and growing…. so be aware! 🙂
Best!
Theodore Nwangene says
Of cause Adrienne,
You cannot install of them. I’m also taking my security very serious now. Please, how did you renamed your files in your cpanel? I will also like to do same.
Thanks for stopping by.
Neamat Tawadrous says
Hi John,
After reading what happened to Theodore’s blog and what I heard in the news about WordPress blogs being targeted, I got scared and I was looking for guidance on how to protect my blog. These are great plug-ins and I bookmark this post and will have to look into them all and choose whatever is needed for the best protection.
Thanks John for sharing these plug-ins with all of us. Have a great rest of the week
Be Blessed,
Neamat
Theodore Nwangene says
Thank Neamat,
I don’t ever wish anyone to go through what i went through so, you will have to your blog security serious indeed. Thanks for coming.
John Gibb says
hi Naamat
glad I could help with this post. please spread the love and let’s help others in need who don’t know much about plugins and security related issues
if you have any questions, I am here.
Happy Easter!
Sylviane Nuccio says
Great, great post Theodore,
OK, I’m glad you wrote this because I am scared to death to just delete a plugin that I’m not using anymore.
There is a plugin called Cache… which once totally messed up my blog when I tried to get rid of it. What could I do with this issue? I really want to get rid of quite a few old plugins, but I’m so scared. Do you have some advice on that? 🙂
John Gibb says
hey Sylviane
You could delete plugins which you don’t use without any fear whatsoever. I think I know about the type of cache plugins which you’re talking about… if you cannot delete it as usual, then log into your FTP account, and remove it completely.
If you have any other q’s, let me know.
Hope it helps!
P.S. The post was written by myself 🙂
Webdev1 says
Different protection plug-ins different choices. Thank you Theodore. It may really helps since I’m planning to try WordPress to create a project site. So I need these.
Connor Harley says
As a site owner, we cannot afford any risk from hackers and spammers. I personally choose the plugins I am using and I am very satisfied with those.
Enstine Muki says
Hey John,
I’m grateful you mentioned this post in a comment on my blog. It’s filled with useful materials
I have a security plugin that enables me create a unique login url. It also blogs IPs after a certain number of failed login attempts. It does a lot more and I think it’s worth giving a try.
One I’d like to give a try that you have mentioned here is BAW More Secure Login. I’m going to check that out right away
Thanks for the value in this post
John Gibb says
hey Enstine
I’m glad I could help, and your plugin solution sounds interesting. Is that a paid one? Where can we find about it? 🙂
Prince Ramgarhia says
thnx for really nice post i am gonna use one of them to sevure my blog ..
John Gibb says
You better use most of them, not just one!
I think you should consider these threats more seriously, and maybe re-read the article…
Best!
John Gibb says
hey Theo
I’ve emailed you a few times, but it looks like you’ve not received my message for some reasons.
I was asking you about the nice and super useful blog commenting CAPTCHA pluging which you’re using on this site… where can we find that? 🙂
Cheers!
Theodore Nwangene says
Oh, so sorry for that John,
I never saw your email. Let me check anyway. But the plugin i uses for that is Conditional CAPTCHA for WordPress. Thanks
Saffron Extract Trim says
Do you mind if I quote a few of your articles as long as I provide credit
and sources back to your site? My blog is in the exact same
niche as yours and my visitors would definitely benefit from a lot of the information you present here.
Please let me know if this ok with you. Thank you!
Theodore Nwangene says
No problem Saffron,
But please, don’t over do it and never forget to provide the credits.
Thanks
Orjiakor says
Thanks, for sharing this information with us.
Theodore Nwangene says
Welcome to my blog Orjiakor,
I’m happy you enjoyed the post.
rahul says
Thanks for give a more helpful tips…….
sex dolls says
This came in handy. Spam has been a nuisance in my. Thank you for this
Theodore Nwangene says
Thanks
ban yen says
thanks so much for your tips
No Name says
Hey there, I came across your web blog through Search engines when evaluating a comparable theme, your web site developed, it appears being terrific. I’ve put into my own favorites|combined with my own book marking.
Theodore Nwangene says
Thanks for the compliment.
Matinder singh says
great article totally gonna follow this bookmarked blog.
Theodore Nwangene says
Thanks Matinder