Blogs are a prime target for hackers. One reason? Bloggers simply make it easy for them to do it. In some cases, hackers do it just for “fun” or to prove that they can. Some consider themselves a sort of security vigilante, and hack blogs to make a point and spur the blog owner to take more security precautions. More often, the hacks stem from purposes that are more nefarious: The hacker takes over the blog to try to extort money from the owner, or to spread malware to all who visit the site.
Regardless of the reasons for attacks, they are common. If you want to be among the thousands of bloggers who have had their sites taken over by cybercriminals, be sure that you do these five things.
1. Don’t Change the Admin Details
When you create a blog in WordPress, the default login is an administrator account. However, the first thing that many hackers do when trying to attack a blog is to break in to that account. If they are successful, they then have all the tools they need to wreak havoc. If you want your blog to be hacked, then make this default admin account the only one. Of course, if you’d rather keep hackers out, the first thing you should do — before you even create a single page or post — is create at least one more admin account, using a unique username and password, and then delete the default account. It’s also a good idea to create two to three admin-level accounts so that if one is compromised, you can still access your blog to undo the damage. Just remember: More admin accounts means more potential points of entry, so keep it to three admins or fewer.
2. Don’t Check Plug-Ins for Viruses
If you want to make things easy for hackers, you can do a lot of the work for them and install plug-ins on your blog that come pre-loaded with malware. For those who would rather not install viruses themselves, it’s important to check all plug-ins for viruses before adding them to the site. Use your own virus scanning software (find some excellent options at top10antivirussoftware.com) to confirm that the plug-in is virus-free — and run regular spot checks to ensure that it stays that way.
3. Be Lax With Passwords
Hackers are usually willing to put in a little work to hack a blog, but you can save them to trouble by making your passwords easy to guess. After all, remembering that random code is so hard. It’s so much easier to remember “abc123” or “password.” The hackers will thank you for it, too. For those who want to keep the bad guys out, practice password management: Use complex strings of letters and numbers (not dictionary words) that no one can associate with you; change your passwords every 90 days or so, and never share your password with anyone else. Investing in a password manager can help as well, and if your blogging platform allows it, employ two-factor authentication.
4. Don’t Update Your Blogging Software
Updates are such a pain. They take time out of your busy day, and you have to stop what you are doing and run through the restart cycle. Sometimes, updates even make changes that you don’t like, so why take the chance? It’s not as if the hackers are looking security holes in software that hasn’t been updated or anything.
Except that exploiting security vulnerabilities is exactly what hackers do. Updating your software closes the loopholes that hackers can use to attack your blog, in addition to adding new features or fixing bugs that affect functionality. So while updates might take some time, they are well worth it if you want to protect your blog from hackers.
5. Don’t Block Spammers
Any comment is a good comment, right? It doesn’t matter that the comments are irrelevant and annoying, and most likely contain links to sites that contain harmful malware. Your readers can identify it on their own, anyway, and probably won’t even click on the links.
Of course, you can always use a plug-in like Akismet to easily deal with the spam comments by preventing them from reaching your site in the first place. Allowing the spam to get through isn’t going to do anything positive for your blog, and will probably drive readers away even before it spreads malware, so there is no reason to allow it.
With millions of blogs on the Internet, there are plenty of targets to keep hackers busy. You could make their jobs easier by ignoring basic security protocols — or take a few extra steps and keep your hard work secure. The choice is yours.