Forbes reports that approximately 30,000 websites a day are distributing malicious code to their users, and most don’t even know it. If your website is hacked, you may not know it until one or more of your subscribers report being hacked because they visited your site. Imagine the consequences of this.
Whether you’re a fledgling blog or a successful one with thousands of visitors per day, if you’re hacked you’re going to lose traffic. Don’t wait until cyber criminals attack your blog, take the time today to protect your blog and livelihood.
Back it Up
No matter how secure you think you may be, there’s still a chance you can be hacked. Hackers are extremely clever, so clever they’ve learned to bypass network systems even when they’re protected with two-factor authentication. It is extremely important that you regularly backup your site’s content and design. Although you can store this information on a hard drive (external or cloud), you’re better off storing it offline, such as on an encrypted USB memory which is a FIPS certified flash drive.
How often you backup your website depends on a few factors, including how often you post and how important these new posts are to you. WordPress recommends that you keep at least three backups and that you store them in different places or forms. You can save on web disk, to your email, on flash drives, and on CD/DVDs.
Change Your Passwords
How long have you been using the same password? If it’s been more than six months, it’s time to change it. In general, you should change your password every three to six months because this limits how long a hacker has access to your account. “If someone steals your password and you don’t know, the attacker could eavesdrop for an unlimited time and glean all sorts of information about you or do other damage,” reports LifeHacker.com.
Don’t use a password that contains your name, birthday, or other identifying (easily guessed) information. Choose a password that’s at least eight characters, features capital and lower case letters, numbers, and one or more special characters (@#! Etc.) Or, you can make it easy on yourself and use a password manager. Also, don’t use the same password on your blog that you use with other accounts.
Create a Second Admin Account
Having more than one admin account ensures you can still log in should a hacker take over your main admin account. Once a hacker has that information, he’s going to edit the account information to prevent you from logging back in. A second admin account ensures you can still get in if you need to.
Also, don’t forget to block spam bots, such as referrer spam bots. For instructions on how to block these spam bots from your analytics report, check out this article: What is referral spam and how to block referral spam bot in Google Analytics report.
Install Antivirus Software Everywhere
You should never log into your blog from a non-secure device. Your smartphone, tablet, PC, etc. all need virus protection and anti-malware software. Before logging in from a newly secured device, scan all files for viruses. If you download software from third-parties, your antivirus and antimalware software will scan those files ensuring they’re safe to use on your device and your blog.
You don’t know how or when of even if a hacker is targeting your blog. An investment into your blog’s security is an investment in your financial security. If your plan is to grow your blog, engage a large audience, and sell advertising or services, you don’t want to be blocked by search engines (yes, they block hacked sites) or lose subscribers because they’re angry that they caught malware from your site. Protect yourself and your users by employing the easy strategies listed above.